Campus Wide Area Network

A Campus wide area network The diagram opposite shows a typical campus wide area network. The buildings are connected together using a variety of different methods including fibre-optic and wireless links. Although the diagram opposite is not an exact representation of the University of Wales Aberystwyth network, it does show the type of wide area network backbone connections currently in use. A wide area network or WAN is a computer network covering a wide geographical area involving a vast array of computers. This is different from personal area networks (PAN's), metropolitan area networks (MAN's) or local area networks (LAN's) which are usually limited to a room, building or campus. Typically, a WAN consists of two or more local-area networks (LANs). Computers connected to a wide-area network are often connected through public networks, such as the telephone system. They can also be connected through leased lines usually fibre-optic cables or satellites. The largest WAN in existence is the Internet. WANs are normally built for individual private organizations including Internet service providers (ISP's). The ISP provides connections from an organization's LAN to the Internet, a router connects to the LAN on one side and a hub/switch within the WAN on the other.

Wireless Wide Area Network(WWAN)

Once you begin using wireless data, you'll wonder how you ever lived without it. Wireless data gives you the freedom to work from almost anywhere and gives you access to personal information when you are on the go. Whether the wireless sytem is accessing e-mail from an airport or receiving dispatch instructions as a taxi driver, you'll find it extremely effective to be able to maintain a data connection with a remote network from almost anywhere.

Radio communications has been with us for a long time, with analog voice as the principal application. Today, tens of millions of people in the United States are using two-way radio for point-to-point or point-to-multipoint voice communications. Although engineers have known for some time how to modulate a radio signal to send binary data, only recently have they been able to develop and deploy wireless data services on a large comme rcial scale.

Wire or fiber-based data communications spans a huge range of throughputs and distances--28.8 Kbps over a modem connection; 10/100 Mbps over an Ethernet segment; and gigabit speeds over fiber. Similarly, wireless connections span a huge range. The world of wireless data includes fixed microwave links, wireless LANs, data over cellular networks, wireless WANs, satellite links, digital dispatch networks, one-way and two-way paging networks, diffuse infrared, laser-based communications, keyless car entry, the Global Positioning System and more.

The benefits of wireless include connections when no others are possible, connections at lower cost in many scenarios, faster connections, backups to landlines, networks that are much faster to install and data connections for mobile users. That last benefit is the focus of this chapter.

In this chapter, we'll concentrate on wide-area wireless data; a future chapter will discuss wireless LANs. The types of WANs we will examine include cellular-based systems, paging networks and dedicated wireless WANs, such as CDPD, Metricom's Ricochet, ARDIS and RAM Mobile Data.

First, let's walk through a planning process that highlights the key issues in working with wireless data. From there we drill into the technology, including protocols and interfaces, hardware, middleware. Next we survey the various wireless networks. We conclude with some pointers for integrating your wireless solution.

One important distinction in the uses wireless data is between vertical market applications and horizontal market applications. In vertical markets, applications addresses a very specific business need for a particular company or industry. The applications provides a clear benefit through higher productivity or other competitive advantage. Today most wireless applications are in the vertical arena. But wireless vendors strongly desire to address much larger horizontal markets where a broad spectrum of business users and consumers wil l use wireless communications. This transition will occur once wireless communications is inexpensive enough, broadly deployed and easy to use and once a large number of off-the-shelf applications are available.

Configuring WPAD Support for ISA Firewall Web Proxy and Firewall Clients

The Web Proxy Autodiscovery Protocol (WPAD) can be used to allow Web browsers and the Firewall client application to automatically discover the address of the ISA firewall. The client can then download autoconfiguration information from the firewall after the Web Proxy or Firewall client discovers the address.

WPAD solves the problem of automatically provisioning Web browsers. The default setting on Internet Explorer is to autodiscover Web proxy client settings. When this setting is enabled, the browser can issue a DHCPINFORM message or a DNS query to find the address of the ISA firewall from which it can download autoconfiguration information. This greatly simplifies Web browser setup so that it automatically uses the firewall to connect to the Internet.

The ISA firewall’s Firewall client application can also use the wpad entry to find the ISA firewall and download Firewall client configuration information.

In this article we will discuss the following procedures:

• Configure DHCP WPAD support
• Configure DNS WPAD support

After the wpad information is entered into DHCP and DNS, Web Proxy and Firewall clients will not require manual configuration to connect to the Internet through the ISA firewall.

Discuss this article

Configure DHCP WPAD Support

The DHCP scope option number 252 can be used to automatically configure Web Proxy and Firewall clients. In order for the DHCP wpad method to work, the Web Proxy or Firewall client computer must be configured as a DHCP client, and the logged on user must be a member of the local administrators group or Power users group (for Windows 2000). On Windows XP systems, the Network Configuration Operators group also has permission to issue DHCP queries (DHCPINFORM messages).

Note:
For more information about the limitations of using DHCP for autodiscovery for Internet Explorer 6.0, please see KB article Automatic Proxy Discovery in Internet Explorer with DHCP Requires Specific Permissions at http://support.microsoft.com/default.aspx?scid=kb;en-us;312864 However, if you’ve been good and upgraded to Windows XP SP2, this is no longer a problem. I assume that the problem remains “fixed” in Windows Vista, but I don’t know that for sure. I also assume that the Windows XP SP2 fix also enables Internet Explorer 7.0 to work correct without requiring administrator permissions.

Perform the following steps at the DHCP server to create the custom DHCP option:

1. Open the DHCP console from the Administrative Tools menu and right click your server name in the left pane of the console. Click the Set Predefined Options command.
2. In the Predefined Options and Values dialog box, click the Add button.

Figure 1

3. In the Option Type dialog box, enter the following information:

Name: wpad

Data type: String

Code: 252

Description: wpad entry

Click OK.

Figure 2

4. In the Value frame, enter the URL to the ISA firewall in the String text box. The format for this value is:
   
   http://ISAServername:AutodiscoveryPort Number/wpad.dat
   
   The default autodiscovery port number is TCP 80. You can customize this value in the ISA Firewall console. We will cover this subject in more detail later in this document.
   
   In the current example, enter the following into the String text box:
   
   http://isalocal.msfirewall.org:80/wpad.dat
   
   Make sure to enter wpad.dat in all lower case letters. For more information on this problem, please refer to KB article "Automatically Detect Settings" Does Not Work if You Configure DHCP Option 252
   
   Click OK.

Figure 3

5. Right click the Scope Options node in the left pane of the console and click the Configure Options command.
6. In the Scope Options dialog box, scroll through the list of Available Options and put a checkmark in the 252 wpad checkbox. Click Apply and then click OK.

Figure 4

7. The 252 wpad entry now appears in the right pane of the console under the list of Scope Options.

Figure 5

8. Close the DHCP console.

At this point DHCP clients will be able to use DHCP wpad support to automatically discover the ISA firewall and subsequently autoconfigure itself. However, the ISA firewall must be configured to support publishing autodiscovery information, which we will do later in this article.

Configure DNS WPAD Support

Another method that can be used to deliver autodiscovery information to Web Proxy and Firewall clients is DNS. You can create a wpad alias entry in DNS and allow browser clients to use this information to automatically configure themselves. DNS is a viable option, but you have to be aware that if you have multiple networks, each with it’s own ISA Firewall, then you’ll need to have different wpad entries for each network. While you can support multiple networks and multiple ISA Firewalls using DNS by taking advantage of netmask ordering, most companies perform to use DHCP wpad to support local networks, since they need to use local DHCP server anyway to assign local clients addressing information.

Name resolution is a pivotal component to making this method of Web Proxy and Firewall client autodiscovery work correctly. In this case, the client operating system must be able to correctly fully qualify the name wpad. The reason for this is that the Web Proxy and Firewall client only knows that it needs to resolve the name wpad; it does not know what specific domain name it should append to the query to resolve the name wpad. We will cover this issue in detail later in this document.

Note:
In contrast to the DHCP method of assigning autodiscovery information to Web Proxy and Firewall clients, you do not have the option to use a custom port number to publish autodiscovery information when using the DNS method. You must publish autodiscovery information on TCP 80 when using the DNS method.

You need to perform the following steps to configure DNS support for Web Proxy and Firewall client autodiscovery of the ISA firewall:

• Create the wpad entry in DNS
• Configure the client to use the fully qualified wpad alias
• Configure the client browser to use autodiscovery

Create the Wpad Entry in DNS

The first step is to create a wpad alias entry in DNS. This alias (also known as a CNAME record) points to a Host (A) record for the ISA Server 2004 firewall. The Host (A) record resolves the name of the ISA Server 2004 firewall to the internal IP address of the firewall. I should note her that you don’t have to use a CNAME record, you can use an A record if you like, but CNAME records have some management advantages.

The Host (A) record must be created before you create the CNAME record. If you enable automatic registration in DNS, the ISA firewall’s name and IP address will already be entered into a DNS Host (A) record. If you have not enabled automatic registration, you will need to create the Host (A) record for the ISA firewall yourself.

In the following example, the ISA firewall has automatically registered itself with DNS because the internal interface of the ISA firewall is configured to automatically register with DNS and the DNS server is configured to accept unsecured dynamic registrations. In a production environment, I’d recommend that you only accept secure DNS registrations. This won’t be a problem for your ISA Firewall, since it should be a member of the domain for security reasons.

Perform the following steps on the DNS server on the domain controller on the internal network:

1. Click Start and select Administrative Tools. Click the DNS entry. In the DNS management console, right click on the forward lookup zone for your domain and click the New Alias (CNAME) command.
2. In the New Resource Record dialog box, enter wpad in the Alias name (uses parent domain if left blank) text box. Click the Browse button.

Figure 6

3. In the Browse dialog box, double click on your server name in the Records list.

Figure 7

4. In the Browse dialog box, double click on the Forward Lookup Zone entry in the Records frame.

Figure 8

5. In the Browse dialog box, double click on the name of your forward lookup zone in the Records frame.

Figure 9

6. In the Browse dialog box, select the name of the ISA firewall in the Records frame. Click OK.

Discuss this article

Figure 10

7. Click OK in the New Resource Record dialog box.

Figure 11

8. The CNAME (alias) entry appears in the right pane of the DNS management console.

Figure 12

9. Close the DNS Management console.

Configure the Client to Use the Fully Qualified wpad Alias

The Web Proxy and Firewall client needs to be able to correctly resolve the name wpad. Both the Web Proxy and Firewall client configurations are not aware of the domain containing the wpad alias. The Web Proxy and Firewall client operating system must be able to provide this information to the Web Proxy and Firewall client.

DNS queries must be fully qualified before the query is sent to the DNS server. A fully qualified request contains a host name and a domain name. The Web Proxy and Firewall client only know the host name portion. The Web Proxy and Firewall client operating system must be able to provide the correct domain name, which it appends to the wpad host name, before it can send a DNS query to the DNS server.

There are a number of methods you can use to insure that a proper domain name is appended to wpad before the query is sent to the DNS server. Two popular methods for doing this include:

• Using DHCP to assign a primary domain name
• Configuring a primary domain name in the client operating system’s network identification dialog box.

We already configured a primary DNS name to assign DHCP clients when we configured the DHCP scope. The following steps demonstrate how to set the primary domain name to append to unqualified DNS queries:

Note:
You do not need to perform these steps on the client machine on the Internal network in our example network. The reason for this is that the client is a member of the Active Directory domain on the internal network. However, you should go through the following steps to see how the primary domain name can be configured on non-domain member computers.

1. Right click the My Computer icon on the desktop and click the Properties command.
2. In the System Properties dialog box, click the Network Identification tab. Click the Properties button.

Figure 13

3. In the Identification Changes dialog box, click the More button.

Figure 14

4. In the DNS Suffix and NetBIOS Computer Name dialog box, enter the domain name that contains your wpad entry in the Primary DNS suffix of this computer text box. This is the domain name that the operating system will append to the wpad name before sending the DNS query to the DNS server. By default, the primary domain name is the same as the domain name the machine belongs to. If the machine is not a member of a domain, then this text box will be empty. Note the Change primary DNS suffix when domain membership changes is enabled by default. In the current example, the machine is not a member of a domain.

Cancel out of each of the dialog boxes so that you do not configure a primary domain name at this time.

Figure 15

Note that if you have multiple domains and clients on your internal network that belong to multiple domains, then you will need to create wpad CNAME alias entries for each of the domains.

Configure the Client Browser to Use Autodiscovery

The next step is to configure the browser to use autodiscovery. If you have not already done so, perform the following steps to configure the Web browser to use autodiscovery to automatically configure itself to use the ISA firewall’s Web Proxy service:

1. Right click on the Internet Explorer icon on the desktop and click Properties.
2. In the Internet Properties dialog box, click the Connections tab. Click the LAN Settings button.
3. In the Local Area Network (LAN) Settings dialog box, put a checkmark in the Automatically detect settings checkbox. Click OK.

Figure 16

4. Click Apply and then click OK in the Internet Properties dialog box.

The next step is to configure the ISA firewall to publish autodiscovery information for autodiscovery Web Proxy and Firewall clients.

Configuring the ISA Firewall to Publish Autodiscovery Information

The DHCP and DNS wpad entries are designed to point the Web proxy and Firewall client applications to the IP address and port that the ISA Firewall uses to provide autodiscovery information to the clients. However, by default autodiscovery publishing on the ISA Firewall is disabled. It’s your job to enable this setting on each ISA Firewall Network that contains Web proxy and Firewall clients.

1. In the ISA Firewall console, expand the server name in the left pane of the console and then expand the Configuration node in the left pane. Click on the Networks node.
2. In the Networks node, click on the Networks tab in the middle pane of the console. Double click the ISA Firewall Network that you want to enable autodiscovery publishing. In this example, we’ll enable autodiscovery publishing for the default Internal ISA Firewall Network.
3. In the Internal Properties dialog box, click on the Auto Discovery tab. Put a checkmark in the Publish automatic discovery information for this network checkbox. By default, the ISA Firewall will listen for requests from Web Proxy and Firewall clients on TCP port 80. If you’re using DHCP wpad entries, then you can change this port. However, if you use DNS based wpad support, then you must leave the value at its default, TCP port 80.

Figure 17

4. Click Apply and then click OK.
5. Click Apply to save the changes and update the firewall policy.

At this point you can close all browser windows and open them. The new settings will work at this point and the Web browsers will be able to get autoconfiguration information from the ISA firewall. For the Firewall clients, you can wait for about six hours for the update, or you can manually configure them to update their configuration. Right click on the Firewall client icon in the system tray and select the Automatically detect ISA Server option and click Detect Now.

Figure 18

Figure 19

Click OK to save the settings.

Discuss this article

Conclusion

In this article we discussed how to automatically configure the Web proxy and Firewall clients to use wpad entries to automatically discover the ISA Firewall and automatically configure themselves. We went over the two methods you an use for autodiscovery: DHCP and DNS. We also demonstrated how to configure the client to correctly qualify the unqualified wpad name and how to configure the ISA Firewall to publish autodiscovery information on the appropriate ISA Firewall Networks that contain clients that wish to use autodiscovery.

The Networking World

Definition

Experts in the field of networking debate whether two computers that are connected together using some form of communications medium constitute a network. Therefore, some works state that a network requires three connected computers. One such source, "Telecommunications: Glossary of Telecommunication Terms" states that a computer network is "A network of data processing nodes that are interconnected for the purpose of data communication". The term "network" being defined in the same document as "An interconnection of three or more communicating entities".^[1] A computer connected to a non-computing device (e.g., networked to a printer via an Ethernet link) may also represent a computer network, although this article does not address this configuration.

This article uses the definition which requires two or more computers to be connected together to form a network. ^[2] The same basic functions are generally present in this case as with larger numbers of connected computers. In order for a network to function, it must meet three basic requirements, it must provide connections, communications and services. Connections refers to the hardware, communications is the way in which the devices talk to each other, and services are the things which are shared with the rest of the network.^[3]

[edit] Classification of computer networks

[edit] By network layer

Computer networks may be classified according to the network layer at which they operate according to some basic reference models that are considered to be standards in the industry such as the seven layer OSI reference model and the four layer Internet Protocol Suite model. In practice, the great majority of networks use the Internet Protocol (IP) as their network layer. Some networks, however, are using IP Version 6 IPv6, usually in coexistence with IPv4. IPv6 use is often experimental.

[edit] By scale

Computer networks may be classified according to the scale: Personal Area Network (PAN), Local Area Network, Campus Area Network, Metropolitan area network (MAN), or Wide area network (WAN). As Ethernet increasingly is the standard interface to networks, these distinctions are more important to the network administrator than the end user. Network administrators may have to tune the network, based on delay that derives from distance, to achieve the desired Quality of Service (QoS).

Controller Area Networks are a special niche, as in control of a vehicle's engine, a boat's electronics, or a set of factory robots.

[edit] By connection method

Computer networks may be classified according to the hardware technology that is used to connect the individual devices in the network such as Ethernet, Wireless LAN, HomePNA, or Power line communication.

[edit] By functional relationship

Computer networks may be classified according to the functional relationships which exist between the elements of the network, for example Active Networking, Client-server and Peer-to-peer (workgroup) architectures.

[edit] By network topology

Main article: Network Topology

Computer networks may be classified according to the network topology upon which the network is based, such as Bus network, Star network, Ring network, Mesh network, Star-bus network, Tree or Hierarchical topology network, etc.

Network Topology signifies the way in which intelligent devices in the network see their logical relations to one another. The use of the term "logical" here is significant. That is, network topology is independent of the "physical" layout of the network. Even if networked computers are physically placed in a linear arrangement, if they are connected via a hub, the network has a Star topology, rather than a Bus Topology. In this regard the visual and operational characteristics of a network are distinct.

[edit] By protocol

Computer networks may be classified according to the communications protocol that is being used on the network. See the articles on List of network protocol stacks and List of network protocols for more information.

[edit] Types of networks:

Below is a list of the most common types of computer networks in order of scale.

[edit] Personal Area Network (PAN)

Main article: Personal area network

A personal area network (PAN) is a computer network used for communication among computer devices (including telephones and personal digital assistants) close to one person. The devices may or may not belong to the person in question. The reach of a PAN is typically a few meters. PANs can be used for communication among the personal devices themselves (intrapersonal communication), or for connecting to a higher level network and the Internet (an uplink).

Personal area networks may be wired with computer buses such as USB and FireWire. A wireless personal area network (WPAN) can also be made possible with network technologies such as IrDA and Bluetooth.

[edit] Local Area Network (LAN)

Main article: Local Area Network

A network covering a small geographic area, like a home, office, or building. Current LANs are most likely to be based on Ethernet technology. The defining characteristics of LANs, in contrast to WANs (wide area networks), include their much higher data transfer rates, smaller geographic range, and lack of a need for leased telecommunication lines. Hosts can be made part of a specific LAN can be defined by setting their address to one within the address range of the LAN subnet This can be done by manual configuration, or by configuring DHCPDynamic Host Configuration Protocol autoconfiguration to give the host an address in the appropriate range.

Currently standardized LAN technologies operate at speeds up to 10 Gigabits/sec. IEEE has projects investigating the standardization of 100 Gigabits/second, and possibly 40 Gigabits/second. Inverse multiplexing is commonly used to build a faster aggregate from slower physical streams, such as bringing 4 Gigabits/second aggregate stream into a computer or network element with four 1 Gigabit/second interfaces.

[edit] Campus Area Network (CAN)

Main article: Campus Area Network

A network that connects two or more LANs but that is limited to a specific and contiguous geographical area such as a college campus, industrial complex, or a military base. A CAN, may be considered a type of MAN (metropolitan area network), but is generally limited to an area that is smaller than a typical MAN, so it is called a CAN.

This term is most often used to discuss the implementation of networks for a contiguous area. In the past, when layer 2 switching (i.e., bridging (networking) was cheaper than routing, campuses were good candidates for layer 2 networks, until they grew to very large size. Today, a campus may use a mixture of routing and bridging. The network elements used, called "campus switches", tend to be optimized to have many Ethernet interfaces rather than an arbitrary mixture of Ethernet and WAN interfaces.

[edit] Metropolitan Area Network (MAN)

Main article: Metropolitan Area Network

A network that connects two or more Local Area Networks or CAN together but does not extend beyond the boundaries of the immediate town, city, or metropolitan area. Multiple routers, switches & hubs are connected to create a MAN

[edit] Wide Area Network (WAN)

Main article: Wide Area Network

A WAN is a data communications network that covers a relatively broad geographic area (i.e. one country to another and one continent to another continent) and that often uses transmission facilities provided by common carriers, such as telephone companies. WAN technologies generally function at the lower three layers of the OSI reference model: the physical layer, the data link layer, and the network layer.

The highest data rate commercially available, as a single bitstream, on WANs is 40 Gigabits/second, principally used between large service providers. Wavelength Division Multiplexing, however, can put multiple 10 or 40 GBps streams onto the same optical fiber.

[edit] Global Area Network (GAN)

Main article: Global Area Network

Global area networks (GAN) specifications are in development by several groups, and there is no common definition. In general, however, a GAN is a model for supporting mobile communications across an arbitrary number of wireless LANs, satellite coverage areas, etc. The key challenge in mobile communications is "handing off" the user communications from one local coverage area to the next. In IEEE Project 802, this involves a succession of terrestrial Wireless local area networks (WLAN) is the ^[4]. INMARSAT has defined a satellite-based Broadband Global Area Network (BGAN).

IEEE mobility efforts focus on the data link layer and make assumptions about the media. Mobile IP is a network layer technique, developed by the IETF, which is independent of the media type and can run over different media while still keeping the connection.

[edit] Internetwork

Main article: Internetwork

Two or more networks or network segments connected using devices that operate at layer 3 (the 'network' layer) of the OSI Basic Reference Model, such as a router. Any interconnection among or between public, private, commercial, industrial, or governmental networks may also be defined as an internetwork.

In modern practice, the interconnected networks use the Internet Protocol. There are at least three variants of internetwork, depending on who administers and who participates in them:

• Intranet
• Extranet
• "The" Internet

Intranets and extranets may or may not have connections to the Internet. If connected to the Internet, the intranet or extranet is normally protected from being accessed from the Internet without proper authorization. The Internet itself is not considered to be a part of the intranet or extranet, although the Internet may serve as a portal for access to portions of an extranet.

[edit] Intranet

Main article: Intranet

An intranet is a set of interconnected networks, using the Internet Protocol and uses IP-based tools such as web browsers, that is under the control of a single administrative entity. That administrative entity closes the intranet to the rest of the world, and allows only specific users. Most commonly, an intranet is the internal network of a company or other enterprise.

[edit] Extranet

Main article: Extranet

A extranet is network or internetwork that is limited in scope to a single organization or entity but which also has limited connections to the networks of one or more other usually, but not necessarily, trusted organizations or entities (e.g., a company's customers may be provided access to some part of its intranet thusly creating an extranet while at the same time the customers may not be considered 'trusted' from a security standpoint). Technically, an extranet may also be categorized as a CAN, MAN, WAN, or other type of network, although, by definition, an extranet cannot consist of a single LAN, because an extranet must have at least one connection with an outside network.

[edit] Internet, The

Main article: Internet

A specific internetwork, consisting of a worldwide interconnection of governmental, academic, public, and private networks based upon the Advanced Research Projects Agency Network (ARPANET) developed by ARPA of the U.S. Department of Defense – also home to the World Wide Web (WWW) and referred to as the 'Internet' with a capital 'I' to distinguish it from other generic internetworks.

Participants in the Internet, or their service providers, use IP Addresses obtained from address registries that control assignments. Service providers and large enterprises also exchange information on the reachability of their address ranges through the Border Gateway Protocol.

[edit] Basic Hardware Components

All networks are made up of basic hardware building blocks to interconnect network nodes, such as Network Interface Cards (NICs), Bridges, Hubs, Switches, and Routers. In addition, some method of connecting these building blocks is required, usually in the form of galvanic cable (most commonly Category 5 cable). Less common are microwave links (as in IEEE 802.11) or optical cable ("optical fiber").

[edit] Network Interface Cards

Main article: Network card

A network card, network adapter or NIC (network interface card) is a piece of computer hardware designed to allow computers to communicate over a computer network. It provides physical access to a networking medium and provides a low-level addressing system through the use of MAC addresses. It allows users to connect to each other either by using cables or wirelessly.

[edit] Repeaters

Main article: Repeater

A repeater is an electronic device that receives a signal and retransmits it at a higher level or higher power, or onto the other side of an obstruction, so that the signal can cover longer distances without degradation.

Because repeaters work with the actual physical signal, and do not attempt to interpret the data being transmitted, they operate on the Physical layer, the first layer of the OSI model.

[edit] Hubs

Main article: Network hub

A hub is a repeater with more than two ports, thus also being called "multiport repeater". It interconnects devices at the physical layer (layer 1) of the OSI model.. ^[5] It does this in a rudimentary way, it simply copies the data to all of the Nodes connected to the hub. Hubs are commonly used to connect segments of a LAN. A hub contains multiple ports. When a packet arrives at one port, it is copied the packets to all the ports of the hub. When the packets are copied, the destination address in the frame does not change to a broadcast address.

[edit] Bridges

Main article: Network bridge

A network bridge connects multiple network segments at the data link layer (layer 2) of the OSI model. Bridges do not promiscuously copy traffic to all ports, as does a hub. but learns which MAC addresses are reachable through specific ports. Once the bridge associates a port and an address, it will send traffic for that address only to that port. Bridges do send broadcasts to all ports except the one on which the broadcast was received.

Bridges learn the association of ports and addresses by examining the source address of frames that it sees on various ports. Once a frame arrives through a port, its source address is stored and the bridge assumes that MAC address is associated with that port. The first time that a previously unknown destination address is seen, the bridge will forward the frame to all ports other than the one on which the frame arrived.

Bridges come in three basic types:

1. Local bridges: Directly connect local area networks (LANs)
2. Remote bridges: Can be used to create a wide area network (WAN) link between LANs. Remote bridges, where the connecting link is slower than the end networks, largely have been replaced by routers.
3. Wireless bridges: Can be used to join LANs or connect remote stations to LANs

[edit] Switches

Main article: Network switch

Switches are a marketing term that encompasses routers and bridges, as well as devices that may distribute traffic on load or by application content (e.g., a Web URL identifier). Switches may operate at one or more OSI layers, including physical, data link, network, or transport (i.e., end-to-end). A device that operates simultaneously at more than one of these layers is called a multilayer switch.

Overemphasizing the ill-defined term "switch" often leads to confusion when first trying to understand networking. Many experienced network designers and operators recommend starting with the logic of devices dealing with only one protocol level, not all of which are covered by OSI. Multilayer device selection is an advanced topic that may lead to selecting particular implementations, but multilayer switching is simply not a real-world design concept.

[edit] Routers

Main article: Router

Routers are the networking device that forwards data packets along networks by using headers and forwarding tables to determine the best path to forward the packets. Routers work at the network layer (layer 3) of the OSI model. Routers also provide interconnectivity between like and unlike media.^[3] This is accomplished by examining the Header of a data packet.^[5] They use routing protocols such as Open Shortest Path First (OSPF) to communicate with each other and configure the best route between any two hosts. A router is connected to at least two networks, commonly two LANs or WANs or a LAN and its ISP's network. Some DSL and Cable Modems have been integrated with routers for home consumers.

[edit] Building a simple computer network

A simple computer network may be constructed from two computers by adding a network adapter (Network Interface Controller (NIC)) to each computer and then connecting them together with a special cable called a crossover cable. This type of network is useful for transferring information between two computers that are not normally connected to each other by a permanent network connection or for basic home networking applications. Alternatively, a network between two computers can be established without dedicated extra hardware by using a standard connection such as the RS-232 serial port on both computers, connecting them to each other via a special crosslinked null modem cable.

Practical networks generally consist of more than two interconnected computers and generally require special devices in addition to the Network Interface Controller that each computer needs to be equipped with. Examples of some of these special devices are hubs, switches and routers.