Segmenting LANs with Routers

Segmenting LANs with Routers

Bridges, operating at a layer higher than repeaters, add functionality to the network, which is not present in repeaters. Bridges perform all repeater functions, and more, by creating new collision domains. Likewise, routers, which operate at Layer 3, add functionality beyond bridges. Routers extend networks like bridges, but they create both collision and broadcast domains. Routers prevent broadcasts from propagating across networks. This broadcast isolation creates individual broadcast domains not found in bridges. The router behavior of blocking broadcast frames defines broadcast domain boundaries—the extent to which a broadcast frame propagates in a network. Figure 2-10 shows a network built with routers and identifies collision and broadcast domains.

Figure 2-10. Broadcast and Collision Domains in a Routed Network

A side effect of separate broadcast domains demonstrates itself in the behavior of routers. In a repeater- or bridge-based network, all stations belong to the same subnetwork because they all belong to the same broadcast domain. In a router-based network, however, which creates multiple broadcast domains, each segment belongs to a different subnetwork. This forces workstations to behave differently than they did in the bridged network. Refer to Figure 2-11 and Table 2-2 for a description of the ARP process in a routed network. Although the world does not need another description of ARP, it does in this case serve to illustrate how frames flow through a router in contrast to bridges and repeaters.

Further, it serves as an example of how workstations must behave differently with the presence of a router. In a bridge- or repeater-based network, the workstations transmit as if the source and destination are in the collision domain, even though it is possible in a bridged network for them to be in different domains. The aspect that allows them to behave this way in the bridged network is that they are in the same broadcast domain. However, when they are in different broadcast domains, as with the introduction of a router, the source and destination must be aware of the router and must address their traffic to the router.

Figure 2-11. Frame Header Changes through a Router

Table 2-2. Frame Exchange in a Routed Network

  Layer 2 Header (Modified) Layer 3 Header (Unmodified)
Frame Destination MAC Source MAC Source IP Destination IP
1* FF-FF-FF-FF-FF-FF 00-60-97-8F-4F-86
2** 00-60-97-8F-4F-86 00-E0-1E-68-2B-12
3*** 00-E0-1E-68-2B-12 00-60-97-8F-4F-86
4* FF-FF-FF-FF-FF-FF 00-E0-1E-68-2B-11
5** 00-E0-1E-68-2B-11 00-60-97-8F-5B-12
6*** 00-60-97-8F-5B-12 00-E0-1E-68-2B-11

*ARP Request

**ARP Reply

***User Data Frame

When Station 1 wants to talk to Station 2, Station 1 realizes that the destination is on a different network by comparing the destination’s logical address to its own. Knowing that they are on different networks forces the source to communicate through a router. The router is identified through the default router or default gateway setting on the workstation. To communicate with the router, the source must address the router at Layer 2 using the router’s MAC address. To obtain the router’s MAC address, the source first ARPs the router (see frames 1 and 2 in Figure 2-11).

The source then creates a frame with the router’s MAC address as the destination MAC address and with Station 2’s logical address for the destination Layer 3 address (see frame 3 in Figure 2-11). When the frame enters the router, the router determines how to get to the destination network. In this example, the destination directly attaches to the router. The router ARPs for Station 2 (frames 4 and 5 in Figure 2-11) and creates a frame with station 2’s MAC address for the L2 destination and router’s MAC for the L2 source (see frame 6 in Figure 2-11). The router uses L3 addresses for Stations 1 and 2. The data link layer header changes as the frame moves through a router, while the L3 header remains the same.

In contrast, remember that as the frame transits a repeater or bridge, the frame remains the same. Neither repeaters nor bridges modify the frame. Like a bridge, routers prevent errored frames from entering the destination network.

About the author


Leave a Comment