8/27/05 Routers, switches, and hubs, oh my!

Andrew,

It's fairly simple, actually. You would need a bit of an understanding of how TCP/IP works to make sense of it. Everything done on the 'Net may seem like a seemless stream of information, but it's not. Everything is broken down into "packets" that are a fixed length and format. Each packet, like your standard postal letter has the source and destination routing, (the TO:
and FROM: on the envelope) as well as a fixed block of plain text.
Information that's larger than one packet is broken down into multiple packets. Even mulitmedia (audio, video, etc...) is first converted to text and broken down into packets. It's the responsibility of the recieving end to decode and reconvert the packets into audio/video. (This is why multimedia streams can sometimes be choppy. But I digress.)

Now then, we can look at each device, it's function and go forward from there. A car analogy works fairly well for how networking works. Consider each packet as a car travelling on a road.

A hub is a "dumb" device that allows multiple computers to communicate with each other. Think of it as an uncontrolled intersection on the highway - no stop signs or lights. As you can imagine, without any sort of control, crashes are bound to occur. And they do. Frequently.
Fortunately, no one, or nothing really gets hurt. The system that sent the original packet merely resends it (the car in our analogy) until it does manage to get through.

A switch is like a hub, except that it has traffic control built into it. It has the means to control which computer on the network talks to the
other(s) and when. Think of it as a traffic cop at the intersection and it's directing traffic. Since there are fewer crashes, throughput is a lot faster and more reliable.

A router is a device that sits between your DSL (or cable) modem and directs traffic. Think of it like the guy in an old fashioned mail room who sorts incoming mail into the appropriate cubby hole by looking at the address it's coming from and where it's going. Routers use something called Network Address Translation (NAT) to do this.

When you sign up for DSL (or Cable), you get one TCP/IP address allocated for your use. Each computer, however, needs an individual and unique IP address in order to get the appropriate packets directed to that machine. A router has the ability to create an independent set of IP addresses on the "inside" which then allow you to share one "outside" IP address with up to
255 different computers. (side note: The actual number of devices a router can handle may vary by manufacturer/model. See the documentation for more info on that.) NAT allows the router to flag each packet and keep track of where it came from and where the replies to those packets are supposed to go.

Making sense of it all...

Now then... Things get a bit tricky. There are "combo" devices available on the market. While they're all "routers" they also sometimes have a switch built in that allows you to save a power plug port - one fewer device to plug into the wall/surge protector strip. Most multi-port routers contain a switch, rather than a hub. As long as it's sorting the NAT data, it might as well manage the traffic on the ports.

And then there's wireless... The latest trend is to have WiFi access points built into routers. If you've got a laptop with a wireless radio built in, this may suit your taste. However, if you simply have three desktops to connect, it may be a solution worth looking into. These devices tend to, like their wired only bretheren, have NAT built in and can typically support up to 255 devices (check the documentation, your mileage may vary). Usually, wireless routers do offer at least one wired connection port for configuring and managing the router.

Wireless can be a good or bad thing depending on how it's configured. If you simply go for the default setup, you will probably be leaving your wireless access point wide open for ANYONE in your neighborhood within range with a wireless enabled laptop to hitch onto your network and potentially cause problems. You might not mind if your neighbor taps in and uses your DSL connection to say, download some songs or a movie until the MPAA or RIAA stormtroopers show up at your front door.

Wardriving...

Wardriving is an activity where a hacker drives around a given area looking for networks that are left wide open (hence the "driving" part). Once he finds a network that's wide open, he can do some pretty nasty things - like planting viruses on your computer, grabbing your personal financial data, sending out a flood of spam, etc... in addition to other nefarious activities.

On the bright side of wireless...

If properly configured (see the instructions for more details) wireless can be a good thing. You can connect anywhere as long as you're within range of the router/access point and you're not dragging a bunch of wires (except maybe the power brick) along for the ride. You have to configure each workstation correctly with the matching encryption code you created on the router/access point.

Firewalls...

Most all routers today come with firewalls built in as well as switches.
Most of them are adequate for keeping the bad guys out (for the moment, at least). As for needing a software firewall as well... That would depend largely on how paranoid you choose to be. It doesn't hurt to have one, but then again, it does take up resources which can slow your computer down. On the other hand, given the recent Cisco fiasco where a so called "security researcher" disclosed methods for attacking Cisco routers, it doesn't hurt to have a second line of defense.

So then, how do these devices get put together?

First, there's the phone jack at the wall. Next, there's the filter (supplied with your DSL installation kit). Then, you've got your DSL modem.
This would plug into the router's WAN port. You then simply plug your computers into the router's LAN ports. This is assuming you've got a router with multiple ports.

If you're going with a separate switch, everything is the same until you get to the router. You would plug the router's LAN port into any port on your switch and plug your computers into the switch.

The first option as mentioned above, requires one fewer plug on the surge protector and in all probability is cheaper. Wireless has it's place, but opens a kettle of fish best left covered for novice users. If you do decide to go wireless, best to read the instructions and follow them very carefully or have your friendly neighborhood computer geek give you a hand setting it up.

One other consideration for wireless... Most desktops do not come with wireless built in. You will need a wireless network card for each machine before you can connect to the access point/router. This, of course, raises the price significantly. CAT5 or CAT6 network cable is significantly cheaper.

CAT5 and CAT6

CAT5 and CAT6 are designations for network wiring. They generally come in fixed lengths from 3 feet to 50 feet. The numeric part of the designation (the 5 or 6) has to do with the quality of the wiring inside the cable and how much data it's rated to move. CAT5 is suited for 10/100 million bits per second (10-BaseT or 100-BaseT) networking which is typical for most home networking applications. CAT6 is a newer standard that's designed to handle gigabit networking (1000-BaseT) or 1000 million bits per second throughput.
While it's a nice thing to have, it's more bandwidth than most home networks need - even if you're sharing video over your home network. Given most DSL tops out at 1.5 million bits per second, and cable's best is about 3 million bits/second, a typical 10/100 network is more than adequate unless you're frequently copying HUGE files between your computers. And by HUGE - I mean ones that are a gigabyte or larger. A network that handles 100 MBits/second is plenty fast for most typical applications.

In conclusion, the simplest setup is generally the best. The fancier gear you add (while being ultra cool) generally means you will need to jump through more hoops to get it working. A regular wired multi-port router with say, 4 ports such as the Linksys BEFSR41 or the DLink DI-604 would be more than adequate for your immediate needs.

Submitted by: Pete Z.

Routers, switches, and hubs, oh my!!! It's all so confusing, but let's try to break it down just a bit here.

First of all the basics of how networked computers communicate with each other. Now everyone please keep in mind I am trying to keep this simple and straightforward for everyone to understand so there won't be a lot of jargon throwing. When a group of computers are connected together you have a network. That network can be 2 computers in your home, 10 computers in a small office, 500 computers in a growing business, or millions of computers across the globe. Every one of those computers has to be uniquely identified between all the other computers it has the ability to talk to through it's network. This is handled by IP (Internet Protocol) Addresses, which are 4 groups of numbers between 0 and 255, for example on my local network my current IP address is 192.168.1.200, currently the address for Google.com is 216.239.39.99. Computers that are connected together in say your home or office would all exist on the same private network group. Basically all this means is that the first 3 groups of digits (192.168.1 on my PC) all be identical, and you change the last group (200) for each PC. So the PC next to me might be 192.168.1.123 but I would be able to directly communicate with that PC.

These numbers are all assigned to assist in "routing" traffic across your network. When you request something from another PC, your computer makes a connection over to the IP address of the desired machine and they start talking amongst themselves to resolve whatever it is you want. This routing also enables you to talk between networks (hence my requests to google.com get routed out of my network and over to the google.com server). This basic explanation was done to assist you in understanding the following:

Hub - is the most basic of connections possible between PC's. When traffic comes into the hub from any one PC connected to it, that same info gets sent out to ALL the other connected PC's and it is up to each of the computers to determine whether the traffic was meant for them or not. There is no filtering, or special handling of the data. Hubs are fairly old-school and cause a lot of unnecessary traffic across your network as well as lots of data "collisions" (traffic coming out of a PC while traffic is also trying to go in which can cause network slowdowns since the traffic is sent over again until it gets a response from each computer as to whether that traffic was intended for it or not).

Switch - also allows multiple computers to be connected (same as with a hub you can get switches with 4 connections all the way up to 24 (or more) in a single switch. The benefit of switches are that they isolate the flow of traffic. They have just enough intelligence built into them so that once it is determined which PC you are trying to connect to a direct connection is made between just those 2 computers, and data flow is greatly improved. None of the other PC's on the network are bothered by the traffic generated and they can all communicate on their own at the same time. Much better data flow and fewer "collisions" (see Hub).

Router - also controls traffic flow like a switch, however they have the added ability to be able to "talk" outside of their existing network (assuming a connection to outside networks (the internet) exists. A router will have a particular plug you would connect your broadband router into (either cable, DSL, or fiber optic).

When you have a connection to the internet the device connecting is assigned an IP address by your ISP (Internet Service Provider) and if your PC is connected directly to your modem, then it is your PC that gets that IP address. In order to connect more than 1 computer to your internet connection you need to be able to "share" that IP address across all your PC's. This is where the router comes into play. The router would then be assigned the IP address from your ISP, and in turn it assigns IP addresses to each of the computers on your network. So when you get on your computer and request a page from the internet, the router receives that request, and based on the IP addressing it determines that what you are looking for is outside of the local network. It then sends out a request on your behalf for that information, makes a note of which PC on the local network requested that information, and waits for a response. When the reply comes back in to the router, it looks into its notes to determine which local PC requested that information, and then forwards (or routes) it to you. So if you and the wife are each connecting to the internet and requesting different web pages, the router keeps track of who is asking for what, but all the websites either of you visit would think it was the same PC asking for the data because the IP address used on the internet side of things would be the same.

Most routers also have a built in firewall, but even if they don't they protect you greatly from outside sources since out on the internet side of things all anyone ever sees is your router and not your PC. So even in situations where you only have a single PC in your house, it would be in your best interests to install a router between your PC and your internet connection to minimize the ability of people getting in and seeing your data.

On a final note, the assigning of those IP addresses on your local network is usually handled by the router using a protocol called DHCP (Dynamic Host Configuration Protocol). This tends to be turned on by default in most routers (it can be switched off but I wouldn't recommend it) as you would then need to hand assign IP addresses in each PC on your network. Alternatively if you are connecting to a hub or switch you would also have to assign IP addresses as they don't handle any of that for you. Easier to just tell the computers to be assigned an IP address using a DHCP server and let the router handle it all for you.

Hope that helped explain it all, so the short answer is you want a router in order to properly share your DSL connection, and while you can install software firewalls in each of the PC's with a router in place you don't necessarily need that extra layer. Although some people feel better with it there, so it is a bit of a judgment call, if you have a lot of critical information you are completely paranoid about people seeing, then maybe you want a software firewall. For 75% of the home users out there, I would say it is just an additional layer of problems without much in the way of benefit.

Submitted by: Greg H.