To make networking more modular, the OSI model breaks networking down into 7 layers. The top 4 (Host) layers happen inside a computer, in the application or the operating system. The bottom 3 (Media) layers happen in a networking device like a NIC, switch, router, or firewall.
I’m going to use an application called Ping to send out some packets. The application sits at the top of our model; it passes that information to a driver presented by the operating system (Windows) in the layer below it. My request keeps getting passed to lower layers until it exits the computer on the network cable as bits.
When the switch receives these bits (raw electrical signals) it needs to assemble them into frames so it can figure out what to do with them. Communication at Layer 2 uses the ARP protocol to try and find its destination. The switch keeps a list of which MAC address it has seen on each switch port. If the MAC address doesn’t appear in the list, it sends out an ARP broadcast (it yells) to all ports and waits for a reply.
This method works well for a small network > 300ish devices in close proximity. If there are too many devices, the yelling takes up more time than transmitting data. If a device is too far away, it takes too long to reply and the switch isn’t listening anymore.
What if our princess is in another castle? IP was developed to connect subnets together using an overlay: the permanent MAC address is mapped to a changeable IP address. IP needs 3 pieces of information to work: a unique address; a subnet mask, which says how big the subnet is and where to listen for broadcasts; and a default gateway, which is the exit from the subnet. Under the IP method the switch looks at the destination address and uses the subnet mask to determine whether the address is in the same subnet. If not, the packet gets sent to the default gateway. If it is in the same subnet, the switch needs to use the old Ethernet method: it looks in its MAC address table and broadcasts if it can’t find a princess.. er, a match.
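The same-subnet-or-gateway decision described above, as an added example that is not part of the original article. The addresses are constructed, and the second function shows what happens when a host is handed the wrong subnet mask or a gateway outside its subnet, the kind of misconfiguration a rogue DHCP server can cause.

```python
import ipaddress

def next_hop(host_ip: str, subnet_mask: str, default_gateway: str, destination: str) -> str:
    """Decide where a host sends a packet for `destination`.

    Same subnet  -> frame goes straight to the destination (host ARPs for it).
    Other subnet -> frame goes to the default gateway (host ARPs for the gateway).
    A gateway that is not inside the host's own subnet can never be reached at
    Layer 2, so every off-subnet packet is lost.
    """
    network = ipaddress.IPv4Interface(f"{host_ip}/{subnet_mask}").network
    dst = ipaddress.IPv4Address(destination)
    gw = ipaddress.IPv4Address(default_gateway)

    if dst in network:
        return f"direct: ARP for {dst}"
    if gw not in network:
        return f"unreachable: gateway {gw} is not in {network}"
    return f"via gateway: ARP for {gw}"


def misconfiguration_demo() -> dict:
    """Constructed host 192.168.10.20 on a /24 with gateway 192.168.10.1."""
    host, good_mask, good_gw = "192.168.10.20", "255.255.255.0", "192.168.10.1"
    remote = "192.168.20.5"  # a host on a neighbouring subnet
    return {
        # Correct config: the remote host is off-subnet, so use the gateway.
        "correct": next_hop(host, good_mask, good_gw, remote),
        # Wrong mask (/16): the host now believes 192.168.20.x is local and
        # ARPs for it directly; nobody on this segment answers.
        "wrong_mask": next_hop(host, "255.255.0.0", good_gw, remote),
        # Wrong gateway: an address the host can never reach at Layer 2.
        "wrong_gateway": next_hop(host, good_mask, "10.0.0.1", remote),
    }


if __name__ == "__main__":
    for case, result in misconfiguration_demo().items():
        print(f"{case:14} -> {result}")
```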
There is a limited number of IP addresses; IANA is the group assigned the task of rationing out IPs to the world. To preserve IP space, 3 “private” address ranges were designated: 10.x.x.x, 192.168.x.x and 172.12-16.x.x. These will NEVER be passed by an internet router. A firewall or NAT must translate a private IP into a registered, public IP address. This allows companies to have thousands of computers that all communicate on the internet using a single public IP address.
DNS was bolted on afterwards to allow the use of a name, which is easier to remember, instead of 4 random numbers.
DHCP was developed to allow automatic IP address allocation; the assigned addresses expire after a set time. Reservations never change and never expire.
VLANs are virtual subnets; a switch can be sub-divided into 2 smaller switches, OR a subnet can span multiple switches. This works well for organizing a department into the same subnet even if its people are not on the same floor, or even in the same building. Then simple rules can be created that apply to the whole department. VLANs can cause confusion because they are not apparent just by looking at the front of a switch, unless an administrator has taken the time to label ports.
What could possibly go wrong?
Static IP addresses only work in the VLAN they are assigned to; if the cable gets plugged into the wrong switch port, the device “disappears”: communication in and out stops. It’s not smart enough to “revert” to DHCP.
Multiple DHCP servers in a subnet can assign the same IP address twice or hand out the wrong default gateway.
DNS servers are either public or private; if information leaks into the wrong server, destinations are unreachable.
Many protocols were created for home use or before IP became the de facto standard. AppleTalk and WINS are broadcast protocols that have problems crossing subnet boundaries.
Spanning Tree (STP) is a solution that creates 3 problems. It was designed to prevent broadcast storms when switches are connected in a triangle. STP doesn’t obey VLAN boundaries, so it can prune a VLAN/subnet completely.