Router vs. separate devices



jlreich
11-16-2006, 03:41 PM
OK, I have been studying for the Net+ exam after laying off of it for some time.

I was wondering about real world scenarios. Since a router is basically a switch, bridge, gateway, firewall, and router all wrapped up into one device, why use separate devices?

I do see some reasons why. Like using a 1000Mbps switch inside the LAN to get Gb speeds within the LAN without using a much more expensive Gb router when it isn't even needed for the external network. I do this myself in my home LAN.

Or adding functions to an existing setup like a wireless access point without swapping out existing equipment.

But what other reasons are there to use separate devices? Is it just more robust to have dedicated devices doing their own thing?

I am sure the answers will vary depending on a particular situation.

I am also a little fuzzy on Gateways and transceivers. I do understand that a gateway translates different protocols and such used by different types of networks, and that it operates on several levels of the OSI model. And transceivers make it possible to connect two different physical media types. But are these two often on the same device? I guess I mean are there transceivers built into gateways, or does it have to be separate devices? There are NIC's that have transceivers built in?? Or is it all NIC's have transceivers?? But most don't have multiple physical connections?? :confused: :confused:

I just can't get it straight in my head what gateways and transceivers are used for in the real world. I know what I am reading in the books but it just doesn't fit into a mental picture.

If someone could give me some real world examples from the corporate world I would very much appreciate it. SOHO is easy, but I am talking about WAN's, LAN's, MAN's, and VLAN's. :eek: Sometimes my head just starts swimming with all the AN's. :D

Thanks in advance for any input.

Variable
11-16-2006, 07:11 PM
For what most people do at home a router from your local electronics shop is really a wondrous device. Networking equipment has come a long way quickly thanks to the widespread use of broadband and low cost PC's.
An all-in-one device is a nice thing to have for a home user.

In a business environment you will run into equipment that by no means keeps pace with mainstream users. Cisco devices were/are so expensive that businesses tend to hold onto the equipment until they have to change. This can take years and years.

There are many companies making devices that do many of the features of a router/firewall/switch combo for businesses. We use several and they work fine.

You have to keep things in perspective though. In a very large network you don't want one device doing everything for several reasons, the main one is usually throughput. A standalone dedicated device is needed for many situations. For high bandwidth the device's computer hardware is specifically built to do its job at maximum speed 24/7. They are akin to tanks in that respect. They are tough and do their job very well. If you ran your home router at max speed 24/7 it will not last. Engineers call it MTBF, or Mean Time Between Failure. Expensive hardware is built to last.

Transceivers do what you say. They are still used. Old Cisco routers all needed them. They are expensive. They simply interconnect one interface to another. Think USB to PS2. That is a kind of transceiver. T1 line into Ethernet. It is usually a cable going into a box (transceiver) with another cable going out.

Gateways are still around. But many networks have gone to Ethernet. You will still see them very rarely. Kind of like a snipe.

jlreich
11-16-2006, 07:31 PM
In a business environment you will run into equipment that by no means keeps pace with mainstream users. Cisco devices were/are so expensive that businesses tend to hold onto the equipment until they have to change. This can take years and years.

Yes I see. I wasn't considering the huge cost of these devices. On a side note to this, is there a big second hand market for older devices like this?

Is there a point that you need to move from a router, and perhaps a couple of switches, to dedicated devices? Not considering the need for 99% uptime or robust security, but rather from just the hardware side of things? 20 machines? 50, 100? X amount of servers?

I should probably know this already, but how do you go from fiber to UTP or vice versa? Is it some kind of transceiver?

Thanks for the info Variable. And sorry for so many questions. I am really trying to grasp what is going on in the large business environment, but unfortunately without getting any hands on at this point. That's the only problem with self study.

Erik
11-16-2006, 08:29 PM
You can't really say at X number of machines you need to go to separate devices. What will they be doing? How much bandwidth? (An email a day? constant streaming media?) You get the idea, it is more complicated than just number of users.

Generally you would be moving to separate devices more because of the added features they benefit before number of users. Like you need multiple interfaces, not just an internet and LAN, you need VLANs, you need routing protocols to run, etc.

There are devices that will take a fiber and turn it into a UTP type Ethernet. Basically they work like a transceiver just changing the format and media being used.

I think the biggest market for second hand devices of this type is for students. I am studying for my CCNP and setting up a lab full of secondhand Cisco equipment. I doubt you will see it being reused in an enterprise environment bought second hand. There are too many complications with licensing, besides which as Variable already mentioned they are expensive and used for as long as possible before upgrading. Generally the reason for the upgrade is the product is no longer supported.

jlreich
11-16-2006, 10:34 PM
You can't really say at X number of machines you need to go to separate devices. What will they be doing? How much bandwidth? (An email a day? constant streaming media?) You get the idea, it is more complicated than just number of users.

Generally you would be moving to separate devices more because of the added features they benefit before number of users. Like you need multiple interfaces, not just an internet and LAN, you need VLANs, you need routing protocols to run, etc.
Right, it makes perfect sense. That's the kind of thing I wanted to know. It isn't about the number of machines, but rather the needs. Which also includes security and uptime requirements.


There are devices that will take a fiber and turn it into a UTP type Ethernet. Basically they work like a transceiver just changing the format and media being used.
Media Converters, right?


I doubt you will see it being reused in an enterprise environment bought second hand.
Yeah, I was thinking along the lines of small business getting them on the cheap for special needs. And of course building labs like you are.

Thanks guys. Any more thoughts or tips are more than appreciated. :)

Erik
11-16-2006, 11:45 PM
Even with small business I always recommend against it. You need to keep in mind that a business is kept to the license more so than the average person. Plus if they ever need to call up for help it could be a problem. Basically if this will be used in a real live environment it needs to be purchased from an authorized retailer so you get the full benefits of the devices.

Variable
11-17-2006, 02:34 PM
Is there a point that you need to move from a router, and perhaps a couple of switches, to dedicated devices?

Well those are dedicated devices so I am not sure the context of the question. Routers have a thing called a backplane. The backplane has a limit on total throughput. When your throughput exceeds a router's limit you need to buy a new router. Switches have ports, if you have a 24 port switch and you hire the 25th employee you have to buy a new switch. Different switches and routers have different capabilities. For Cisco, look at some online resources for CCDP cert. These give scenarios that describe a situation and what hardware they would need. This may help you understand, at least with Cisco, why different devices are needed.


On a side note to this, is there a big second hand market for older devices like this?


Yes, there are companies who will buy your old equipment when you upgrade. They can scavenge parts from them to sell for repairs, sell them to companies looking for cheap add ons and of course there is the overseas market. What is old stuff for us may work just fine for someone else in a less developed country.

Cisco devices can be modular. You can add cards to it as needed for different needs. Some of these are probably not even made anymore. If one dies you may need to go to an IT junkyard online and buy a replacement.

We have bought refurbed/used cards for all kinds of devices. Usually a patch fix problem until new equipment can be purchased. But when someone is down and needs to get up and running ASAP, it is not the time to switch to a new infrastructure.

Most new equipment purchases are required for growth.

Erik
11-17-2006, 03:02 PM
Different switches and routers have different capabilities. For Cisco, look at some online resources for CCDP cert. These give scenarios that describe a situation and what hardware they would need. This may help you understand, at least with Cisco, why different devices are needed.


And the same basic principles apply to any manufacturer. All equipment has some limit at which it will need to be upgraded, so don't think that just because that is a Cisco specific reference it is totally useless if you don't want to deal with Cisco. Just take away the general ideas and knowledge of how to tell when upgrades will be required.

When you are looking at some of the more modular equipment it might become unclear as to when it is an upgrade and at what point does it become a whole new device? Changing a WIC can make the device take on a whole new function for a fraction of the cost of buying a whole new device.

jlreich
11-17-2006, 05:59 PM
Well those are dedicated devices so I am not sure the context of the question.
Yes they are dedicated, but I was thinking in much bigger terms. I guess I had a picture in my mind of a small business with less than 20 hosts. A 24 port router and a switch is plenty for them if they are just using a file server. But I think even a small business like that should have a dedicated firewall if for nothing else to make security more manageable.

But then trying to make the jump in my head from a small business like that to a corporation with several buildings with several hundred hosts in each building, and maybe even with connections across the country. Well that just seems like a whole other ball of wax.

I guess that is really what I'm getting at, this jump from the little guy to the big corps. There has to be a whole other way of thinking when it comes to that, at least to some extent I would think. :confused:


And the same basic principles apply to any manufacturer. All equipment has some limit at which it will need to be upgraded, so don't think that just because that is a Cisco specific reference it is totally useless if you don't want to deal with Cisco. Just take away the general ideas and knowledge of how to tell when upgrades will be required.

I will do that. That's excellent advice from you both.

Thanks again. :)

Erik
11-17-2006, 11:40 PM
Well according to the Cisco design theory, if done right (and again in theory) you can grow a small business network into an enterprise one relatively easily. Basically they say you use a three layer model, Access, Distribution and Core. At the smaller scale you can compress the core and distribution into one. Then a large easily expandable type of switch with low port cost goes at access and this is where clients actually connect. Then the distribution connects together all of the access switches and the core connects all the distribution.

So if you imagine it you see where it becomes easy to grow with minimal overall impact and redesign, if you start with the right kind of setup.

jlreich
11-18-2006, 12:39 AM
Basically they say you use a three layer model, Access, Distribution and Core.
Would you elaborate a little on what type of devices fall into each layer? You already said switches are in the access layer and that makes sense. But I'm not sure what falls into the other layers.


So if you imagine it you see where it becomes easy to grow with minimal overall impact and redesign, if you start with the right kind of setup.
Yeah, you actually could go pretty far with say a 24 port router. At least until throughput becomes an issue. If a lot of the traffic stays inside the LAN then it can last even longer by using much cheaper switches to expand.

Thinking ahead and trying to start with the right kind of setup is very important. I always thought it was kind of ridiculous to get just enough, without any thought about expanding later.

Erik
11-18-2006, 12:21 PM
Well it would mostly be switches really. The biggest part of a network will be switches in this day (multi layer switches too). You only need a router to separate different networks (same goes for a firewall). Although your core layer would be what connects out to the world so it would need to have a router and firewall. The others it would really depend on your network.

There really isn't a 24 port router, it is a 24 port switch. It is a very important difference. A 24 port router (you probably could assemble one with near that many ports but only an ISP or other HUGE network would need one) would mean 24 connections into 24 different networks. A 24 port switch connects 24 devices into the same network. This is where the terms collision domain and broadcast domain are really important. Switch = segment collision domains, Router = segment broadcast domains.

It is not just a matter of planning right so you can buy another cheaper model switch to expand later. There is much more to it than that. Basically you can expand any network (in terms of connected hosts) by just buying another cheap switch and uplinking to the existing one. The tricky part comes when you want to do it right, so you get good performance, stability, and easy management. Just as a quick example there you can buy a switch that is an independent entity, you need to assign it its own management IP address and configure it all individually. Or you can buy switches with features like stacking or a chassis that accepts multiple cards. In the first category if you grow it means you will need to use another IP for the switch, and manually configure for your environment. The second you just connect in another switch or card and it will take all configurations from the existing devices.

jlreich
11-19-2006, 04:58 PM
This is where the terms collision domain and broadcast domain are really important. Switch = segment collision domains, Router = segment broadcast domains.
Are you referring to when you have a number of machines on a switch, when those machines on the same segment talk to each other, the data never leaves the switch, but stays in that segment? And the router (or even another switch) that the switch is linked to isn't even aware that communication is even happening? This is a collision domain? And the router's port that the switch is attached to is the broadcast domain?

Is that correct? Or am I way off?


The tricky part comes when you want to do it right, so you get good performance, stability, and easy management.
Absolutely.


The second you just connect in another switch or card and it will take all configurations from the existing devices.
Oh yes that would be great. A modular device like that is most useful.

What are the big differences from a router and a managed switch? Since managed switches work on the network layer of the OSI model (I believe), how much more are they like a router since they obviously do more than just look at the header of the frame like regular switches? I would assume the biggest difference is they don't do DHCP. But do they actually perform a routing function? Or am I again way off base?

Thanks again for all your time.

Erik
11-20-2006, 12:27 AM
A collision domain is the segment in which if multiple devices were to send data at the same moment a collision could occur. Basically a hub creates one large collision domain by connecting all devices to one shared wire. A switch creates many small collision domains, each port is its own collision domain between switch and attached device. A broadcast domain is the area in which if a broadcast is sent out devices would receive this. For example an entire subnet is a broadcast domain (like 192.168.1.0/24).

Not to be annoying or anything, but a switch is a switch and a router is a router. Switching works at OSI layer 2, routing at layer 3. There are multilayer switches that can make routing decisions although not really work in place of a router. A managed switch works at layer 2 but offers things like VLANs, security features, spanning tree, redundancy possibilities, etc. An unmanaged switch is basically plug everything in and create one big broadcast domain.

You can configure routers or firewalls (some anyway) to do DHCP. But generally in a larger enterprise network a server would be used. It makes it easier to keep track of IP usage. For example one of the networks I manage uses the server DHCP server for the general corporate network. The DHCP server in the firewall is used for a smaller insecure network that is just a direct internet connection.
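
[Added example, not part of the thread or any poster's reply.] The collision-domain and broadcast-domain rule described in the post above (a hub joins its ports into one collision domain, a switch gives each port its own, only a router splits broadcast domains) can be worked through on a small topology. The device names and links below are constructed for illustration, and the model assumes no VLANs and no layer 3 switches.

```python
from collections import defaultdict

# Constructed sample topology (not from the thread): device name -> kind.
DEVICES = {
    "R1": "router", "SW1": "switch", "SW2": "switch", "H1": "hub",
    "A": "host", "B": "host", "C": "host", "D": "host", "E": "host", "F": "host",
}
# Each tuple is one physical cable between two devices.
LINKS = [
    ("R1", "SW1"), ("R1", "SW2"),
    ("SW1", "A"), ("SW1", "B"), ("SW1", "H1"),
    ("H1", "C"), ("H1", "D"),
    ("SW2", "E"), ("SW2", "F"),
]

def domains(devices, links, transparent):
    """Group cables into domains and return the hosts in each one.

    A device whose kind is in `transparent` passes the traffic in question
    between all of its ports, so every cable attached to it is merged into
    one domain. Any other device ends the domain at its port.
    """
    parent = list(range(len(links)))  # union-find over cable indexes

    def find(i):
        while parent[i] != i:
            parent[i] = parent[parent[i]]
            i = parent[i]
        return i

    attached = defaultdict(list)      # device name -> indexes of its cables
    for idx, (a, b) in enumerate(links):
        attached[a].append(idx)
        attached[b].append(idx)

    for name, idxs in attached.items():
        if devices[name] in transparent:
            for other in idxs[1:]:
                parent[find(other)] = find(idxs[0])

    groups = defaultdict(set)
    for idx, (a, b) in enumerate(links):
        groups[find(idx)].update(n for n in (a, b) if devices[n] == "host")
    # A domain with no hosts (e.g. a router-to-switch cable) is an empty list.
    return sorted(sorted(hosts) for hosts in groups.values())

def collision_domains(devices, links):
    # Only hubs repeat a signal onto every port.
    return domains(devices, links, {"hub"})

def broadcast_domains(devices, links):
    # Hubs and layer 2 switches both flood broadcasts; routers do not.
    return domains(devices, links, {"hub", "switch"})

if __name__ == "__main__":
    print("collision domains:", len(collision_domains(DEVICES, LINKS)))
    print("broadcast domains:", broadcast_domains(DEVICES, LINKS))
    # Swap SW1 for a hub: broadcast domains are unchanged, but everything
    # behind it collapses into a single collision domain.
    hubbed = dict(DEVICES, SW1="hub")
    print("with SW1 as a hub:", len(collision_domains(hubbed, LINKS)))
```
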

deddard
11-20-2006, 05:03 AM
One thing to look at if you are really going to design stuff with Cisco is the detailed spec of some units.

Some Switches offer Gigabit uplinks which can speed things up no end, whilst others offer gigabit switching to the desktop...allegedly!

When I went through the academy my tutor was keen that we do the case studies as real as possible (which meant a whole heap more work than was required by the academy exams) and one of the things I went into on one of the case studies was a gigabit switch for servers.
Looking at the spec of the 'gigabit' switches carefully, it turned out that the gigabit of bandwidth was actually shared between several ports - not true gigabit at all.

In looking at the design of a system (which used 4500 series modular units) I had to spec 2 switch units with sets of 4 ports rather than a single switch unit which had banks of 6 ports. This meant that only 4 servers would have to share bandwidth rather than 6 (check out the switch specs at Cisco and you'll see what I mean)

It isn't something I'd have liked to have made a mistake on in real life - could have been embarrassing and expensive!

jlreich
11-20-2006, 09:14 AM
A collision domain is the segment in which if multiple devices were to send data at the same moment a collision could occur. Basically a hub creates one large collision domain by connecting all devices to one shared wire. A switch creates many small collision domains, each port is its own collision domain between switch and attached device. A broadcast domain is the area in which if a broadcast is sent out devices would receive this. For example an entire subnet is a broadcast domain (like 192.168.1.0/24).
Damn, that's right I remember now. I should have known that, it's pretty basic. :o Sometimes my brain gets hold of something and makes all kinds of crazy stuff up.


Not to be annoying or anything, but a switch is a switch and a router is a router. Switching works at OSI layer 2, routing at layer 3. There are multilayer switches that can make routing decisions although not really work in place of a router. A managed switch works at layer 2 but offers things like VLANs, security features, spanning tree, redundancy possibilities, etc. An unmanaged switch is basically plug everything in and create one big broadcast domain.
Well there are layer 3 switches (http://www.pcmag.com/encyclopedia_term/0,,t=layer+3+switch&i=45957,00.asp), but I guess my mistake was for some reason I was associating managed switches with layer 3 switches. There goes my brain making up all kinds of fanciful stuff again. :p

But yes I do realize a switch is a switch. But as they start to move into working at layer 3 it seems the differences are starting to get blurred a bit.


But generally in a larger enterprise network a server would be used.
Maybe it was just me, but I had win server 2003 R2 running my home network for awhile doing DNS, as well as a DC etc, and it seemed to resolve names noticeably quicker. But yeah you definitely want to use the server to do DHCP if you have one. I only had the server up for about a month as I needed the machine for other things at the time, but I saw many advantages to having one in a business environment. I really need to take one of my older machines and install the server on it again to keep learning.

Deddard, good point about the specs.

This discussion has really helped bring the whole picture back in focus as I have kind of gotten bogged down with studying lately. It's actually made it interesting again. :)

deddard
11-20-2006, 11:13 AM
This has got me thinking again about the project I did.

Just as a matter of interest, I can now see that not only were the banks of 6 units going to be slower than a unit with banks of 4 running at 'gigabit' speeds (shared) but it is likely that they could actually run slower than a 100Mb/s unit!

My reasoning is this:
Cisco describe some of their multiport gigabit banked units as sharing bandwidth
Therefore a bank of 6 ports will share 1Gb bandwidth, giving a maximum (with all systems at full capacity) of 166Mb/s each
If they could work in full duplex they would work at a theoretical maximum of 332 Mb/s

Bearing in mind that Gigabit using full duplex (especially spread over 6 or even 8 ports as in some Cisco units) is likely to involve more management because of the buffer overflows, this speed could drop to the point where it has no advantage over a 100Mb/s unit running at full duplex (200Mb/s theoretical limit). There are likely to be more errors in gigabit full duplex because of the timings, so the cost benefit of 6 ports sharing the gigabit bandwidth is pretty tough to justify unless you know that they're not all going to be fired up and blazing at the same time.
Definitely time to go for the banks of 4, or even the full wire speed units. 8 banked units are a complete waste of time and effort for high usage.

Cisco do units which are dedicated full wire speed gigabit, but they tend to be limited to 6 separate ports, each capable of full speed, full duplex.

I wonder how many people have made the mistake of going for the wrong units?