Hub
A hub works at layer 1 of the OSI model (the physical layer), and every data packet sent to the hub is broadcast to all ports.
The hub is physically connected directly to the network card of each device, so there is a lower risk of connection loss. Because all devices attached to a hub share its bandwidth, it is half-duplex, so collisions occur. Inbound and outbound packets at the hub also collide with each other, and algorithms are needed to resolve these collisions, so the performance of a hub is relatively poor.
The hub is essentially a multi-port repeater. Regardless of the content of a packet, it simply broadcasts the packet received on one port to all other ports. Therefore, content sent from one host to another can be monitored by other, unrelated hosts, which is a security problem.
Bridge
A bridge in the physical world connects the two sides of a river, while a bridge in the computer world connects two physical network segments.
Both bridges and switches work at layer 2 of the OSI model (the data link layer), and data packets are sent to the designated port according to the MAC address. They do not have the security problem caused by a hub's indiscriminate broadcasting.
A bridge tracks the addresses of all hosts on the networks plugged into its interfaces. When packets from the network at one end of the bridge reach the bridge, its filtering mechanism ensures that packets belonging to that network stay local instead of being needlessly forwarded to the opposite network (a local packet is not sent to the other side of the bridge).
When the bridge receives a packet whose address does not belong to the network at this end, it sends the packet to the other side. In fact, it does not know whether the address exists on the other side; it guesses that since the address is not here, it may be there. If there are other bridges on the opposite network, they in turn find that the address is not on their side and send the packet on to their own opposite side, so a packet may need to pass through multiple bridges to reach the host with the destination address.
Because of this, broadcast and multicast traffic (such as ARP, which asks every host for an address) must pass through all bridges on the network, so all hosts have the opportunity to read the broadcast packet. On a large network (especially one with many bridges), many of these packets are irrelevant to the hosts that receive them, so a broadcast storm may result, blocking unicast traffic (that is, packets with a specific destination).
Switch
In fact, the switch itself is a kind of bridge, which has the functions of the old-fashioned bridge, but solves some of its problems.
The switch overcomes the shortcomings of the hub. It can allocate dedicated bandwidth to each connected host and provide a full-duplex connection. It uses the MAC address table to make forwarding decisions, and uses ASICs and a content-addressable memory (CAM) table to improve the frame processing rate.
The switch combines the strengths of the hub and the bridge: the multi-port capability of the hub together with the filtering function of the bridge. Only the target device can see unicast data packets, so unicast packets are not blocked the way they can be with a bridge.
Switches allow for redundant links, and broadcast and multicast operations do not cause storms thanks to the Spanning Tree Protocol (STP) developed for bridges.
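The effect of redundant links on broadcast flooding, with and without a loop-free tree, as an added example that is not part of the original article. The four-switch topology and the function names are constructed, and `spanning_tree` is a simplified breadth-first stand-in for STP, not the protocol itself.

```python
from collections import deque
from itertools import combinations

# Constructed topology: four switches, every pair linked (redundant links).
LINKS = list(combinations(["S1", "S2", "S3", "S4"], 2))

def neighbors(links):
    """Build an adjacency map from a list of (switch, switch) links."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return adj

def spanning_tree(links):
    """Simplified stand-in for STP: breadth-first tree from the lowest-named
    switch (the root). Links left off the tree are treated as blocked."""
    adj = neighbors(links)
    root = min(adj)
    seen, tree, queue = {root}, [], deque([root])
    while queue:
        node = queue.popleft()
        for nxt in sorted(adj[node]):
            if nxt not in seen:
                seen.add(nxt)
                tree.append((node, nxt))
                queue.append(nxt)
    return tree

def flood(links, origin, max_rounds=10):
    """Flood one broadcast frame from `origin`. Each switch repeats the frame
    on every link except the one it arrived on. Returns the number of frame
    copies in flight after each round."""
    adj = neighbors(links)
    in_flight = [(None, origin)]          # (arrived_from, current_switch)
    history = []
    for _ in range(max_rounds):
        in_flight = [(sw, nxt) for came, sw in in_flight
                     for nxt in adj[sw] if nxt != came]
        history.append(len(in_flight))
        if not in_flight:                 # frame has died out
            break
    return history

if __name__ == "__main__":
    print("all links forwarding:", flood(LINKS, "S1", max_rounds=5))
    print("tree links only     :", flood(spanning_tree(LINKS), "S1"))
```

With every link forwarding, the number of copies doubles each round and never reaches zero; restricted to the tree, the same broadcast reaches every switch once and stops.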
Switches keep track of the MAC addresses on each interface, so they can quickly send traffic only to the packet’s destination.
Because of the above features, a switch offers higher performance and security.
Generally speaking, a switch has the following advantages:
- The switch is a plug-and-play device. Once the first packet arrives, it starts learning which interface or port leads to the desired address, and then uses that for subsequent filtering.
- The switch provides an easy way to connect network segments operating at different speeds, such as 10 Mbps, 100 Mbps, 1GB and 10GB networks.
- Switches are replacing routers inside networks because they can forward frames more than 10 times faster on Ethernet networks.
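Which ports receive a copy of each frame on a hub versus a learning switch, as an added example that is not part of the original article. The class names, MAC addresses and port numbers are constructed for illustration.

```python
# Added illustration: all addresses, ports and names here are constructed.
BROADCAST = "ff:ff:ff:ff:ff:ff"

class Hub:
    """Layer 1 repeater: every frame is repeated out of every other port."""
    def __init__(self, ports):
        self.ports = list(ports)

    def forward(self, in_port, src, dst):
        return [p for p in self.ports if p != in_port]

class Switch:
    """Layer 2 learning bridge: learns source MACs, filters on destination."""
    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}                  # MAC address -> port last seen on

    def forward(self, in_port, src, dst):
        self.mac_table[src] = in_port        # learn where the sender lives
        out = self.mac_table.get(dst)
        if dst == BROADCAST or out is None:  # broadcast or unknown: flood
            return [p for p in self.ports if p != in_port]
        if out == in_port:                   # destination is local: filter
            return []
        return [out]                         # known unicast: one port only

def exposure(device, frames):
    """Return, for each (in_port, src, dst) frame, the ports that got a copy."""
    return [device.forward(*frame) for frame in frames]

# Hosts A, B, C sit on ports 1, 2, 3 (constructed sample traffic).
A, B, C = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:0c"
FRAMES = [
    (1, A, B),   # A -> B: the switch has not learned B yet, so it floods
    (2, B, A),   # B -> A: A is already in the table
    (1, A, B),   # A -> B again: B is now known
]

if __name__ == "__main__":
    print("hub   :", exposure(Hub([1, 2, 3]), FRAMES))
    print("switch:", exposure(Switch([1, 2, 3]), FRAMES))
```

Host C on port 3 receives all three frames through the hub, but only the first, flooded frame through the switch.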
Other differences between bridge and switch
Old bridges have only 2 to 4 ports, whereas a switch is really a high-performance multi-port bridge that can have as many as hundreds of ports. In essence, the switch is also a bridge device and has the functions of a bridge.
Packet forwarding in old bridges is done in software, while the switches developed later do it in hardware, using chips to make forwarding decisions, and their performance is far superior to that of the old bridges.
A new switch can have multiple spanning tree instances. The old bridge can only have one.
So why did the switch not keep the name bridge? The bridges produced by the early manufacturers did not conform to the IEEE specification (the specification was never fixed and the bridges had only 2 ports), so later vendors simply avoided the word bridge in order not to be compared with them and went straight to the name switch. In essence, though, a switch is a better implementation of the specification.
The three physical devices above also have corresponding virtual software implementations, such as virtual bridges and virtual switches. Distributed software such as Docker and k8s often uses bridges to establish subnets and to provide functions such as communicating with the host computer.
That is all for today; I hope it is helpful to you.
You are welcome to leave a message at csd@telecomate.com.