Loading W Code...
Hardware that enables network communication
Network devices operate at different OSI layers and serve specific purposes in connecting, filtering, and routing network traffic.
Router
Layer 3 (Network)
Switch
Layer 2 (Data Link)
Hub
Layer 1 (Physical)
Bridge
Layer 2 (Data Link)
Gateway
Layer 7 (Application)
Firewall
Layer 3-7
Access Point (AP)
Layer 1-2
Modem
Layer 1 (Physical)
Layer 3 (Network)
Router connects multiple networks and routes packets between them using IP addresses. Key Functions: - Connects different networks (LAN to WAN) - Routes packets based on IP addresses - NAT (Network Address Translation) - DHCP server capability - Firewall functionality Types: - Core Router: Backbone of internet - Edge Router: Connects to ISP - Home Router: For home networks
// Routing Table Example
Destination Gateway Mask Interface
0.0.0.0 192.168.1.1 0.0.0.0 eth0 (default)
192.168.1.0 0.0.0.0 255.255.255.0 eth0
10.0.0.0 192.168.1.254 255.0.0.0 eth0
// NAT Translation
Inside Local Inside Global Outside Local Outside Global
192.168.1.10 203.0.113.5 8.8.8.8 8.8.8.8
// Router Commands (Cisco)
Router> enable
Router# configure terminal
Router(config)# ip route 10.0.0.0 255.0.0.0 192.168.1.1Layer 2 (Data Link)
Switch connects devices within a LAN and forwards frames based on MAC addresses. Key Functions: - Learns MAC addresses automatically - Forwards frames to specific ports - Creates collision domains per port - Supports VLANs for segmentation - Full duplex communication Types: - Unmanaged Switch: Plug and play - Managed Switch: Configurable - Layer 3 Switch: Has routing capability
// MAC Address Table
Port MAC Address VLAN
---- ----------------- ----
Fa0/1 AA:BB:CC:DD:EE:01 10
Fa0/2 AA:BB:CC:DD:EE:02 10
Fa0/3 AA:BB:CC:DD:EE:03 20
// VLAN Configuration (Cisco)
Switch(config)# vlan 10
Switch(config-vlan)# name SALES
Switch(config)# interface fa0/1
Switch(config-if)# switchport access vlan 10
// Spanning Tree Protocol (STP)
Root Bridge: 00:AA:BB:CC:DD:EE
Path Cost to Root: 19
Port State: Forwarding/Blocking/Listening/LearningLayer 1 (Physical)
Hub is a simple network device that broadcasts data to all connected devices. Key Characteristics: - Broadcasts to all ports (no intelligence) - Creates single collision domain - Half duplex only - No MAC address learning - Deprecated - replaced by switches Types: - Passive Hub: No signal amplification - Active Hub: Amplifies signals - Intelligent Hub: Basic management
// Hub vs Switch Comparison
┌─────────────────┬─────────────┬─────────────┐
│ Feature │ Hub │ Switch │
├─────────────────┼─────────────┼─────────────┤
│ Layer │ Physical │ Data Link │
│ Intelligence │ None │ MAC-based │
│ Collision │ Shared │ Per port │
│ Bandwidth │ Shared │ Dedicated │
│ Duplex │ Half │ Full │
│ Security │ Low │ Higher │
└─────────────────┴─────────────┴─────────────┘
// Hub operation
Frame arrives at Port 1
└──> Broadcast to ALL other ports (2,3,4,5...)Layer 2 (Data Link)
Bridge connects two LAN segments and filters traffic using MAC addresses. Key Functions: - Connects network segments - Filters traffic based on MAC - Reduces collision domains - Learns MAC addresses - Predecessor to switches Bridge vs Switch: - Bridge: 2-4 ports, software-based - Switch: Many ports, hardware-based (ASIC)
// Bridge Forwarding Logic
if (dest_MAC in forwarding_table):
if (dest_port == source_port):
filter/discard frame // Same segment
else:
forward to dest_port // Different segment
else:
flood to all ports except source
// Bridge Types
┌──────────────────┬─────────────────────────┐
│ Type │ Description │
├──────────────────┼─────────────────────────┤
│ Transparent │ Invisible to devices │
│ Source Routing │ Path in frame header │
│ Translational │ Protocol conversion │
└──────────────────┴─────────────────────────┘Layer 7 (Application)
Gateway connects networks using different protocols and performs protocol translation. Key Functions: - Protocol conversion/translation - Connects dissimilar networks - Application-level processing - Security gateway functionality - Voice gateway (VoIP) Types: - Protocol Gateway: Protocol conversion - Security Gateway: Firewall, VPN - Voice Gateway: PSTN to VoIP
// Gateway Protocol Conversion
┌──────────────┐ ┌─────────────┐ ┌──────────────┐
│ Network A │────>│ Gateway │────>│ Network B │
│ (IPv4) │ │ Translation │ │ (IPv6) │
└──────────────┘ └─────────────┘ └──────────────┘
// Default Gateway Configuration
IPv4: 192.168.1.1 (router interface)
IPv6: fe80::1
// Voice Gateway Example
PSTN ←→ Voice Gateway ←→ VoIP Network
Analog Digital IP-basedLayer 3-7
Firewall monitors and controls network traffic based on security rules. Key Functions: - Packet filtering (Layer 3-4) - Stateful inspection - Application layer filtering (Layer 7) - NAT and VPN support - Intrusion prevention Types: - Packet Filter: Basic IP/port filtering - Stateful: Tracks connection state - Application: Deep packet inspection - Next-Gen (NGFW): Advanced features
// Firewall Rules Example
┌────┬────────┬────────┬───────┬────────┬────────┐
│ # │ Action │ Source │ Dest │ Port │ Proto │
├────┼────────┼────────┼───────┼────────┼────────┤
│ 1 │ ALLOW │ ANY │ DMZ │ 80,443 │ TCP │
│ 2 │ ALLOW │ LAN │ ANY │ ANY │ ANY │
│ 3 │ DENY │ ANY │ ANY │ 23 │ TCP │
│ 4 │ DENY │ ANY │ ANY │ ANY │ ANY │
└────┴────────┴────────┴───────┴────────┴────────┘
// Stateful Inspection
Connection Track: TCP 192.168.1.10:54321 → 8.8.8.8:443
State: ESTABLISHED
Reply allowed: 8.8.8.8:443 → 192.168.1.10:54321Layer 1-2
Access Point extends wired network to wireless devices. Key Functions: - Wireless signal transmission - SSID broadcasting - Client authentication (WPA2/WPA3) - Channel management - Multiple SSID support Types: - Standalone AP: Independent operation - Controller-based: Centrally managed - Mesh AP: Wireless backhaul
// Wireless Configuration
SSID: Corporate_WiFi
Security: WPA3-Enterprise
Authentication: 802.1X (RADIUS)
Band: 5 GHz (preferred)
Channel: Auto (DFS enabled)
// 802.11 Frame Types
┌──────────────────┬─────────────────────────┐
│ Frame Type │ Purpose │
├──────────────────┼─────────────────────────┤
│ Management │ Association, Auth │
│ Control │ RTS, CTS, ACK │
│ Data │ Actual data transfer │
└──────────────────┴─────────────────────────┘
// WiFi Security Evolution
WEP → WPA → WPA2 → WPA3
(Weak) (TKIP) (AES) (SAE)Layer 1 (Physical)
Modem (Modulator-Demodulator) converts digital signals to analog and vice versa. Key Functions: - Signal modulation/demodulation - Connects to ISP - Provides internet access - Error correction - Compression Types: - DSL Modem: Phone line - Cable Modem: Coaxial cable - Fiber Modem (ONT): Fiber optic - Cellular Modem: 4G/5G
// Modem Signal Flow
Digital Data Modem Analog Line
01100101 ──────> Modulate ──────> ~~~~~
~~~~~ ──────> Demodulate ──> 01100101
Analog Line Modem Digital Data
// Modem Types & Speeds
┌──────────────┬──────────────┬─────────────┐
│ Type │ Medium │ Max Speed │
├──────────────┼──────────────┼─────────────┤
│ DSL │ Phone line │ 100 Mbps │
│ Cable │ Coax │ 1 Gbps │
│ Fiber (ONT) │ Fiber optic │ 10 Gbps │
│ 5G │ Cellular │ 1-10 Gbps │
└──────────────┴──────────────┴─────────────┘Hub vs Switch vs Router: Know the layer and key differences
Collision vs Broadcast domains: Hub shares both, Switch separates collision, Router separates both
MAC vs IP addressing: Switch uses MAC (L2), Router uses IP (L3)
Firewall types: Packet filter, Stateful, Application, NGFW