|
HAVE I HELPED? |
IF THIS DOESN'T CONFUSE YOU, NOTHING WILL
The difference between hubs and switches, or what do you do when you go to CompUSA and you see all these "hubs" and "switches" and the salesman tells you should buy a switch because it is better. Well, maybe.
UPDATE Fall 2006: It is really doubtful that you can find a "hub" for sale these days. So you are going to have to find a cisco 1900 or 2900 on ebay and put one of the ports in "mirror" mode in order to see all the traffic on your LAN from one place. See below:
First of all, hubs and switches do basically the same thing. They are the devices by which you connect together (network) all your PCs and your NAT/router, most likely using the ethernet technology. They will allow all your PCs and your NAT/Router to exchange information amongst themselves, assuming your "layer 3" properties (like IP addresses) are all in proper order. The hub or switch often comes as part of the NAT/router - it is the 4 or 8 position RJ45 jack field.
But there is a fundamental difference between hubs and switches.
Hubs are definitely a little cheaper, and "old" art, and may only run at 10 Mb/s. Basically any ethernet frame that gets received at one of the hub ports gets replicated to the other ports, irrespective of any consideration. There are 100 Mb/s versions as well. Switches are a little newer technology, maybe a little more expensive, and most run at 100 Mb/s, and are full duplex [a discussion for another day]. Any frame that is received on a switch port may or may not be replicated to all the other ports. The switch learns, and maintains an internal table, and if it knows the devices which are connected to each port (having learned them - using the Ethernet MAC address), it will only replicate the frame onto the port for the device whose destination (MAC) address is specified in the received frame. If it does not recognize the destination MAC address, it simply replicates the frame out each port ("floods" all ports, in the vernacular of layer 2 devices....), much like what a hub does with every frame. The "bridge table" of course ages, and the individual entries will disappear if they are not referenced over a few minutes. Broadcast ethernet frames of course, are intended for all ports, so switches will flood all the ports, just like the hubs do.
Though they do basically the same task from the user's perspective - i.e. allowing us to network our PCs, hubs are layer 1 devices [they just do "wire" stuff], and switches are considered layer 2 devices [they look at MAC addresses before they do the "wire" stuff]. Thanks to reader Sylvain for keeping me honest here... :-)
For home networking, I can't believe 10 Mb/s is not sufficient, unless you spend your time transferring Gigabit files between your PCs, or up and down off the net. 10 Mb/s should be fine for most purposes. Nevertheless, pure 10 Mb/s hubs will probably disappear from the shelves someday. Most new devices are auto sensing 10/100 switches. And most new PCs even come with NICs capable of GE speeds, i.e. 1000 Mbs. GE technology does not work over hubs - switches are the required mode of operation.
There is another reason a hub should be fine, and may even be preferred to a "switch." When you run a sniffer, such as ethereal, it is only on a non-switched network (i.e. a network with a "hub" in the middle) that you will be able to see all the network traffic and do some heavy debugging. This is a decided advantage for hubs over switches. In fact some of the more expensive switches will let you designate a port as one that will see "all" the traffic for this purpose, but in general switches just don't do this. [See below...] There is a reason, of course why switches are touted as "better", and it is to segregate traffic. That is one of the first things your company does in order to upgrade its network, replace the hubs by switches. So switches are good, don't get me wrong, but in a home environment a hub is probably sufficient, especially if you want to see what is going on in your network [think kids and monitoring Internet usage.....].
OTOH it will get progressively harder to find a hub instead of a switch in your local computer store. See this discussion.
Wireless Routers often have a hub or switch integrated into the box as well. The wireless portion of the network access is always behind a "switch" and does not simply appear as a "hub" port. PCs on different switch ports, as opposed to hub ports, will NOT be able to see all the traffic on the LAN. Read on for other information.
You start to get the sense that hubs will become extinct pretty soon. That makes debugging more difficult, and may require us to spend more money in order to make sure we get a switch which is capable of replicating ("mirroring") all traffic onto a designated port, so that we can plug our analyzer onto that designated port, and thus continue our debugging tasks.....
Update Spring 2005: It seems like hubs are quickly becoming a thing of the past! Even though the product may SAY hub, it may really be a switch. Thus the possibility of seeing all traffic is becoming more difficult. But hold everything!!! The best technique may be to actually get yourself a second hand Cisco 1900 or 2900 ethernet switch. They can be had for less than $100, or maybe $200 for the 2900. Get the 24 port variety. And then you will be able to "console in" to the switch and setup a "mirror" port. This port can only be used for this purpose, but hey, you've got 24 of them, and you can flip a PC here and run Ethereal if you have to. I have recently purchased a 1900 for $60, so I will report in when I get a chance. This is only a 10 Mbs capable switch, but they wanted about $400 for the 100 Mbs 2900 Ethernet switch!! Your favorite struggling small business man is still in save money mode, so this will have to wait!
Here is my config for a cisco 1900 showing how to do a mirror to port 0/27, which is the 100baseT port.