9 minutes reading time (1785 words)

Why not having a real switch matters

Many people believe that network traffic is just like water down a pipe, its all data and it can only go back and forth. Actually that's no where near reality, and in fact every packet of information that traverses your network consists of at least 2 layers. That is a packet within a packet, with most data being three layers, a packet within a packet within a packet. The reason for this is the separation of protocol and transport. To clarify that a little, the transport is most likely "Ethernet", and the protocol is most likely "TCP/IP" but it doesn't have to be. When you purchase network equipment, you'll be buying an "Ethernet Card" for your workstation, an "Ethernet Switch" for the network and so on, and so it's clear that the transport is "Ethernet", but even here there are differentiations. 

The standard for Ethernet

The current standard is IEEE 802.3 within which we can have a selection of physical connectivity with different cable types and wiring requirements. Let's look at a few common ones. 

10Base5 was the first real "Ethernet" implementation, over thick Co-ax RG-8 cable and commonly known as "Thicknet", this transport was the standard for DEC and other mini/mainframe systems from the early days. Thicknet required an external transceiver for every connection that converted the RG-8 co-ax into D-type AUI connector that then connected with the computer or equipment. 

10Base2 was where "Thin" Ethernet first came to the market. Using the much thinner and easier to work with RG58 Co-Ax cable Thinnet quickly became the standard for local area networks back in the 90's. There were no 'switches' only 'hubs', sometimes called concentrators which where just dumb connections between runs of Co-ax. Towards the end of the life of Thinnet, a few manufacturers such as 3com did release more intelligent routing equipment but with 10BaseT on the horizon uptake was limited. 

10BaseT, was the first structured cabling specification, providing 10Mbps max over four pairs of wires and introduced the Category 3 specification (often just called CAT3). In the past, 10Base2 and 10Base5 consisted of a long run of Co-Ax with computers hooked into that long cable. When something on the network broke, everything broke and fault finding a problem on a long run that strung through several offices was a real pain in the backside. Structured cabling did away with that and instead every computer had its own cable back to the hub or concentrator which were now a little smarter. Fault finding was now as simple as unplugging each computer until everything worked again - much better. 

100BaseT(X), was an upgrade to 100Mbps over CAT5 but also ushered in the 'network switch' which was like a hub but actually had some intelligence. In the world of the Hub each packet sent to port 1 was sent out on port 2, port 3, port 4, port 5..... port 24 and the computers on those ports simply ignored the packet if it wasn't for them. The Switch did away with all that nonsense and instead watched packets on its ports and built up a table of devices on each, often called the ARP or MAC table. Using this table, the switch could now send the data ONLY to the port that hosted the destination computer. This magic also greatly reduced the traffic on other segments (connections between switches) so the whole network was significantly more efficient. The more expensive switches, so called "Managed" allowed network engineers to login to them and to see traffic statistics, errors, activity, etc which greatly reduced the need for engineers to be standing in front of equipment in order to monitor its operation. 

100BaseFX, sometimes called 100Base-X is the same traffic but instead of using wires, it uses fibre. 

1000BaseT(X), the Gigabit Ethernet Standard with 1Gbps speed and full duplex. This is probably the most common implementation in use today and requires CAT5e or later. 

Other Standards

The 802.5 Specification introduced "Token Ring", a 16Mbps network that operated as a long loop where each computer would relay data that wasn't destined for it. Token ring was big with IBM and at the time was probably one of the more reliable infrastructures, but came with a stiff price tag. 

The 802.11 specification is for Wireless transmission and has a number of sub sections such as A, B, C, F, G, M, and AC. The actual physical requirements of seeing data over the air is different to that of wired, and yet the original "Ethernet" was so called because it was designed to be wireless. That aside 802.11 is a complex and evolving specification providing every increasing transmission speeds and distances. 

The OSI ModelBack to the Data

So now we know that different physical connectivity such as a long string of co-ax, a token ring, and wireless all use different methods to send and receive data, and yet they can all send TCP/IP, or Vines, or NetBUI or IPX so how does that work? Well its really simple, the OSI names the physical data transport as Layer 2, Layer 1 being the actual voltage/frequency/waveforms of the signals used on the wires or over the air. The Networks Cards, hubs, switches all send and receive 'data' using Layer 2. In Layer 2, all devices on the network have an address, but it's not an IP Address, this is a MAC (Media Access Control) address. You will see this MAC address shown on the back/bottom of any router, managed switch and network card. This MAC address is the physical address of the devices and if you were to tap into the network and monitor traffic you would see nothing but Layer 2 data, From physical address 01-23-45-67-89-AB-CD-EF to 01-23-45-67-81-22-C4-FF for example. The switches keep track of these physical addresses and deals only in with these packets. 

The actual 'data' which can be TCP/IP is then encapsulated (enclosed) within this physical layer data and its the job of the network endpoints (Computers, and Servers) to translate the TCP/IP Address into the MAC Address, stuff the data into the Layer 2 packet and then send it. Likewise upon reception, the endpoints will extract the TCP/IP packet from the Layer 2 packet and then pass that onto the operating system. This may seem over complicated but in fact it's essential. TCP/IP is not the only protocol in use today AND Ethernet is not  the only physical transport. By separating the physical and data we solve a world of problems and can have TCP/IP travelling over Ethernet, Wifi, Fibre, CDMA, GSM without having to care how it gets there. Likewise, we can have a range of protocols co-existing on the physical network without any impact on its operation. To use an analogy, consider sending a letter to a friend. Layer 1 would be the roads, the postbox, the postman's van, the sorting office, various hands and machines. Layer 2 would be the envelope and the address on the envelope is the physical address, and the contents of the envelope would be the Layer 3 or TCP/IP data. The envelope, being Layer 2 doesn't care how it gets to the physical address written on it, and the note inside being TCP/IP has no concept of how it physically gets to the friends house, it enters the envelope at your house and emerges at your friends house. 

Back to the "real switch matters"

A real managed switch brings some intelligence to the landscape and is able to not only route packets more efficiently across the network but also monitor the network for issues that could cause problems. Most good switches these days are able to do Layer 1 hardware diagnostics of the cables attached, as well as monitoring network events such as collisions, errors, storms and floods, and having this oversight can be invaluable when dumber hardware is connected to your network.

The reason for this article was a long term hardware issue with a broadband router that would intermittently loose its connection for no apparent reason. Engineers would be on site, monitor the broadband circuit and couldn't see anything wrong with it. Extensive broadband diagnostics showed a line in perfect health and when leaving network test gear connected to it over a weekend we could see absolutely no issues. Reconnect the router and within a few hours it would be out of service again. 

Ha! it's the router! Well we'd replaced that already, twice in fact and no change, so what the fluffy fruit is going on here? 

After a lot of what if's and a smattering of customer frustration, we sent in the Level 3 guys with their laptops and the issue was finally identified. Jefferson's Jellies! exclaimed the Level 3 tech, It's the network!. More specifically a network cable that had been crushed behind a rack. This crushed cable was causing intermittent cross-connection between several pairs on the CAT5e cable, and this was causing garbage to be transmitted. A smart network switch would have noticed this and taken action to resolve, but the customer only had a dumb switch and the router (A Draytek 2862) again had no intelligent network interface. The garbage on this crushed cable created what is technically known as a packet storm which quickly saturated the network and more interestingly caused the Draytek 2862 to drop its PPP connection. 

Network Certification ReportThe moral here is a simple one

Why a packet storm on the network port of a router would cause the PPP connection to drop is something I can only speculate about, and this behaviour sent us looking in totally the wrong place. Had the customer spent a little more on a good switch then (a) it would have dealt with the packet storm, and (b) we could have asked it easily where the problem was. 

In all fairness  to the technical teams, we rarely provide a broadband only service, and we would normally manage the network and if not already installed, we'd install managed switches, but this was a tiny remote office for small business customer, with a network installed by Pete the Plumber and all they wanted was a good *reliable* broadband for SIP. 

Get your network installed by a professional and ensure you receive CERTIFIED test results. They will look something like the report on the right, with a page for every port on the network. Any good network professional will provide these, but Plumber Pete can't and won't. If you are moving into a new building that already has structured cabling or you suspect your cabling was installed by Plumber Pete or his mate then having it certified is a simple and cheap process. As for a good Managed Switch, I'm not going to start recommending brands because to be honest most brands are ok for most networks, and it's not a case of the more expensive the better, although some will tell you different. 

 

 

Torrent Sites - The History, Mistakes and Failures
Protecting Your Synology NAS from Internet Threats
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, 19 March 2024

Captcha Image