Network Warrior

1. Networks Defined: Sharing Information Through Connection

For the purposes of this book (and your professional life, I hope), a computer network can be defined as "two or more computers connected by some means through which they are capable of sharing information."

Essential components. A computer network fundamentally requires two or more computers and a connection that enables them to share information. This definition distinguishes a true network from a sneaker net, where data is physically transferred via removable media. The key is the presence of a connection, which implies addressing or identification of nodes, even in simple master/slave setups.

Physical and wireless. Networks can be physical, using cables, or wireless, using radio waves. Wireless networks, despite lacking physical connections, still adhere to the basic definition by establishing a connection through radio frequencies, with each node having an address and frames containing source and destination information. The concept of a "connection" is paramount, differentiating a true network from merely transferring data via removable media.

Connection is key. The presence of a connection, whether physical or wireless, is what truly defines a network. This connection facilitates addressing and identification of nodes, enabling the structured exchange of information. Without this connection, the transfer of data remains isolated and lacks the dynamic, interconnected nature of a true network.

2. LANs, WANs, MANs, and CANs: Understanding Network Reach

WAN technology can include everything from dial-up modems (which, thankfully, are becoming quite rare in metropolitan areas) to ISDN, T1, DS3, SONET, and so on.

Defining network types. Networks are often categorized by their reach, including Local Area Networks (LANs), Wide Area Networks (WANs), Metropolitan Area Networks (MANs), and Campus Area Networks (CANs). LANs are confined to a limited space, such as a building or floor, while WANs connect LANs over broader areas, often spanning the globe. MANs typically connect LANs within a geographical region, and CANs are limited to a campus environment.

Overlapping definitions. The distinctions between MANs and CANs can be subtle, with the primary difference often being the presence of conduits for direct physical connections in a campus environment. In contrast, MANs typically rely on telecom providers for connectivity. The terms can sometimes be used interchangeably, and the actual designation often depends on the network's initial documentation and the terminology adopted by its designers.

Terminology matters. It's crucial to use terminology carefully and be aware of potential discrepancies in how different parties refer to the network. Whether the network is called a WAN, MAN, or CAN, understanding the underlying technology and communicating effectively with all stakeholders is essential for successful network management.

3. Hubs vs. Switches: The Evolution of Ethernet

A hub is simply a means of connecting Ethernet cables together so that their signals can be repeated to every other connected cable on the hub.

Hubs as repeaters. Hubs, also known as repeaters, connect Ethernet cables, repeating signals to all connected cables. They are purely physical devices without network presence, simply repeating signals without altering frames or making decisions based on them. This model can become problematic in larger networks due to traffic saturation and collisions.

Limitations of hubs. Hubs operate by repeating any signal received on one port to every other port, leading to increased traffic and collisions. The 5-4-3 rule of Ethernet design further limited the scalability of hub-based networks. Broadcast storms, caused by loops in the network, can also cripple hub-based networks.

Switches as intelligent forwarders. Switches differ from hubs by actively forwarding frames based on their destination MAC addresses. Switches maintain a MAC address table, mapping MAC addresses to ports, and forward frames only to the intended destination. This creates dedicated paths between source and destination ports, increasing network speed and reducing collisions.

4. Auto-Negotiation: Ensuring Optimal Connection Settings

When auto-negotiation is enabled on a port, it does not automatically determine the configuration of the port on the other side of the Ethernet cable and then match it.

Auto-negotiation defined. Auto-negotiation is a protocol that allows devices to communicate and determine the optimal duplex mode and speed for a connection. It only works if both sides of the link are running auto-negotiation. If one side is not, a feature called parallel detection kicks in, which only determines the link speed, not the duplex mode.

Parallel detection limitations. Parallel detection can lead to auto-negotiation failures, particularly on 10/100 links. When auto-negotiation fails, the driver typically chooses half-duplex mode, which can cause excessive collisions if the other side of the link is set to full-duplex. This results in slow network performance and frustrated users.

Best practices. To avoid auto-negotiation issues, ensure that both sides of the link are configured the same way: either both set to auto-negotiation or both manually configured with the same speed and duplex settings. Gigabit Ethernet uses a more robust auto-negotiation mechanism and should generally be set to auto-negotiate.

5. VLANs: Creating Logical Network Separations

Virtual LANs, or VLANs, are virtual separations within a switch that provide distinct logical LANs that each behave as if they were configured on a separate physical switch.

VLANs defined. Virtual LANs (VLANs) are logical separations within a switch, creating distinct LANs that behave as if they were on separate physical switches. VLANs enable a single switch to serve multiple LANs, preventing frames from one VLAN from reaching another, enhancing network security and organization.

Connecting VLANs. To allow communication between VLANs, an external router must be connected to each VLAN to route traffic between them. This setup maintains the logical separation of VLANs, with no indication to workstations that they reside on the same physical switch. Trunks, which are links that carry frames for more than one VLAN, are used to connect switches, enabling devices in VLANs on one switch to communicate with devices in the same VLANs on another switch.

Router on a stick. A router on a stick configuration uses a single trunk to connect a switch to a router, allowing routing between all VLANs on the switch. This saves interfaces on both the switch and the router, but the trunk's bandwidth becomes a bottleneck. Layer-3 switches, which have built-in routing capabilities, eliminate the need for external links, dedicating every port to devices or trunks to other switches.

6. Trunking: Carrying Multiple VLANs Over a Single Link

A trunk, using Cisco's terminology, is an interface or link that can carry frames for multiple VLANs at once.

Trunking defined. A trunk is a link that carries frames for multiple VLANs, enabling devices in VLANs on one switch to communicate with devices in the same VLANs on another switch. Trunks are essential for connecting switches at layer two, allowing efficient communication across multiple VLANs.

VLAN tagging. To ensure that frames are forwarded correctly across a trunk, each frame must contain a reference to the VLAN to which it belongs. This is achieved through VLAN tagging protocols, such as Cisco's Inter-Switch Link (ISL) and the IEEE standard 802.1Q. ISL encapsulates Ethernet frames within an ISL frame, while 802.1Q alters existing frames to include VLAN tags.

Trunk negotiation. Some Cisco switches support the Dynamic Trunking Protocol (DTP), which attempts to determine the trunking protocols supported on each side and establish a trunk if possible. DTP includes the VLAN Trunking Protocol (VTP) domain name in the negotiation process, requiring both switches to have the same VTP domain name for successful negotiation. Ports can be set to different modes, such as trunk, dynamic, or access, to control their trunking behavior.

7. VTP: Centralized VLAN Management

VTP allows VLAN configurations to be managed on a single switch.

VTP defined. The VLAN Trunking Protocol (VTP) simplifies VLAN management by allowing VLAN configurations to be managed on a central switch and propagated to other switches in the network. This eliminates the need to manually configure VLANs on each switch, reducing the risk of errors and saving time.

VTP modes. VTP operates through VTP servers, which manage VLAN configurations, and VTP clients, which receive updates from the servers. VTP transparent switches receive and forward VTP updates but do not update their configurations. A VTP domain is a group of connected switches with the same VTP domain string configured, ensuring that VLAN information is shared only within the domain.

VTP pruning. VTP pruning prevents traffic from a particular VLAN from being sent to switches where that VLAN is not active, reducing unnecessary traffic and conserving bandwidth. However, VTP can be dangerous if not managed well, as a rogue switch with a higher configuration revision number can overwrite the VLAN configurations of all other switches in the domain.

8. EtherChannel: Bonding Multiple Links for Increased Bandwidth

EtherChannel is the Cisco term for the technology that enables the bonding of up to eight physical Ethernet links into a single logical link.

EtherChannel defined. EtherChannel, a Cisco term, bonds up to eight physical Ethernet links into a single logical link, increasing bandwidth and providing redundancy. The logical link's speed equals the aggregate of the physical links' speeds, such as a 400 Mbps EtherChannel from four 100 Mbps links.

Load balancing. By default, EtherChannel assigns one physical link to each packet based on the destination MAC address, ensuring packets to a single destination arrive in order. This means that a single user will only ever get 1 Gbps from the EtherChannel at a time. The benefit arises when there are multiple destinations, which can each use a different path. The hashing algorithm for determining the physical link to be used may not be public, but the weighting of the links used in the algorithm is published.

Configuration and management. Configuring EtherChannel involves ensuring each link has the same configuration, and using protocols like LACP (for non-Cisco devices) or PAgP (for Cisco devices) to negotiate the channel. CatOS and IOS devices use different terminology, with CatOS referring to EtherChannels as channels and IOS calling them port channel interfaces.

9. Spanning Tree: Preventing Loops in Layer-2 Networks

The Spanning Tree Protocol (STP) is used to ensure that no layer-2 loops exist in a LAN.

STP defined. The Spanning Tree Protocol (STP) prevents layer-2 loops in a LAN, which can cause broadcast storms and network outages. STP elects a root bridge and calculates the best path from each bridge to the root, blocking redundant paths to prevent loops.

Broadcast storms. Without STP, a broadcast frame can circulate endlessly in a looped network, saturating the network and preventing devices from communicating. Broadcast storms can quickly bring a network to a halt, making it essential to have a mechanism to prevent loops.

STP operation. STP elects a root bridge based on the bridge ID, which is a combination of the bridge priority and MAC address. Each bridge determines the best path to the root bridge and blocks nonforwarding ports to prevent loops. Ports transition through various states, such as blocking, listening, learning, and forwarding, to establish a loop-free topology.

10. Routing: Determining the Best Path for Data

Routing is a term with multiple meanings in different disciplines.

Routing defined. Routing is the process of determining a path for data to travel from source to destination. In IP networks, routers use routing tables to forward packets to the next hop, eventually reaching their destination.

Routing tables. Routing tables, or Route Information Bases (RIBs), contain information about reachable networks and the best paths to reach them. Routers use routing protocols to learn about networks and update their routing tables dynamically.

Administrative distance. When a router learns about the same network from multiple routing protocols, it uses administrative distance to determine which route to prefer. The protocol with the lowest administrative distance is considered the most reliable.

11. Routing Protocols: Sharing Network Information

Routing protocols allow networks to be dynamic and resistant to failure.

Routing protocols defined. Routing protocols are applications that enable routers to exchange information about network topology and reachability. These protocols allow routers to dynamically learn about networks and adapt to changes in the network topology, ensuring that data can always find a path to its destination.

Communication between routers. Routing protocols use various methods to communicate, including broadcasts, multicasts, and unicast packets. Multicast packets are commonly used to discover neighboring routers and exchange routing information, while unicast packets are used for specific communications between known neighbors.

VTP domains. Routing protocols can be configured with autonomous system numbers (ASNs) or process IDs (PIDs) to create separate routing domains. This allows for more granular control over routing policies and prevents routing information from being shared between unrelated networks.

12. Redistribution: Integrating Routes from Different Protocols

VTP offers a lot of advantages, but it can have some pretty serious drawbacks, too, if you're not careful.

Redistribution defined. Redistribution is the process of importing routes from one routing protocol into another, allowing different routing protocols to coexist and share information. This is often necessary when integrating networks that use different routing protocols or when connecting to external networks.

Administrative distance. When redistributing routes, it's important to consider the administrative distance of the different routing protocols. The administrative distance determines which route will be preferred when multiple routes to the same destination are available.

VTP pruning. VTP pruning prevents traffic originating from a particular VLAN from being sent to switches on which that VLAN is not active (i.e., switches that do not have ports connected and configured for that VLAN). With VTP pruning enabled, the VLAN 100 broadcasts will be restricted to switches on which VLAN 100 is actively in use.

Last updated: April 11, 2025