TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------
Dane,
and apologies for my semantics... but really, guys, unless you are saying a
hub burning ONE port vs. a switch burning ONE port.
Load parallel networks. Off the internet router place a 24 port 10bT HUB.
Off a separate internet router place a 24 port 10bT SWITCH. Install 20
users, 2 printers, a OS file server and and a mail server. Load the network
traffic to 30% utilization of the wire.
Tell me in this scenario that a hub is ACTUALLY faster than a switch.
-----Original Message-----
From: Dane Paone [mailto:[EMAIL PROTECTED]]
Sent: Monday, December 13, 1999 11:11 PM
To: Bridge, Jim
Cc: 'Luff, Darryl'; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: Switched network
Actually,
Mr. Luff is correct in his views on the apparent difference in
"speed" of packets flowing through hubs/switches. Hubs are simple
repeating devices and instantly forward traffic on all ports. Switches,
whether of the "store and forward" or "cut through" type, always add
some barely perceptible, but measureable, latency to a network. This is
because of the extra overhead the switch must deal with in order to send
packets to their correct destinations on the separate collision domains
on each port of the switch. You can think of a switch as a sort of
automatic simplified "router" in a way since the function it performs is
much like a router, without having the functionality of firewalls,
TCP/IP routing tables etc.
The situation where a switch is indeed "faster" than a hub is when a
port on a switch is communicating with a NIC at FULL duplex rather than
HALF duplex like a normal repeating hub. This is because the available
bandwidth is effectively doubled for that port and the NIC connected to
it. Think of it this way: half duplex is a one lane road, and full
duplex is a two lane road.
It's not the speed of the traffic on these two roads, it's the fact that
traffic can move in both directions at the same time on one road and
only in one direction at once on the other.
This is becoming rather long winded but I wanted to make one other
point: when there is constant traffic on a repeating hub the collision
rate climbs as the traffic does, whereas on a switch this is lessened
because traffic is directed to the respective ports the sources and
destinations are on and traffic is not REPEATED over all ports, breaking
up the collision domains and lessening the overall impact on the
network.
Sorry for the preaching guys =)
Dane
"Bridge, Jim" wrote:
>
> TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message
to
> [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any
problems!
>
----------------------------------------------------------------------------
>
> You are mixing terminology here. Ethernet? Token Ring? or any other? A Hub
> (what speed) is not "faster" than a Switch (what speed), unless the hub is
> 100 and has only one device connected to the backbone, and the switch is a
> 10bT device.
>
> Jim
>
> -----Original Message-----
> From: Luff, Darryl [mailto:[EMAIL PROTECTED]]
> Sent: Monday, December 06, 1999 10:58 PM
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: RE: Switched network
>
> TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message
to
> [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any
> problems!
>
----------------------------------------------------------------------------
>
> A hub isn't necessarily bad, it depends where the traffic's going. The hub
> actually forwards packets faster than a switch (less latency). The switch
> gets it's performance by allowing multiple conversations to carry on in
> parallel.
>
> If you're monitoring a point-to-point link between a firewall and a
switch,
> inserting a hub wont make much difference to performance. The traffic is
the
> same (barring traffic generated by the monitor itself, which is hopefully
> fairly light).
>
> Even on something like a DMZ with multiple servers, where practically all
> traffic is between the firewall port and one or the other of the servers,
a
> switch doesn't help performance much because all traffic is still queued
up
> for the single port the firewall is connected to. In this case replacing
the
> switch with a hub shouldn't make much difference - only one machine can
talk
> to the firewall at a time anyway.
>
> Where switches do work well is on segments with multiple hosts, where
> traffic flows in a mesh between many pairs of hosts. Here the switch is
> providing a big performance improvement by isolating conversations between
> different pairs of hosts. Replacing this switch with a hub would increase
> the utilisation on the segment, and so probably cause increased collisions
> and poor performance.
>
> Darryl
>
> > -----Original Message-----
> > From: Ray Honeycutt (HCS) [SMTP:[EMAIL PROTECTED]]
> > Sent: Saturday, December 04, 1999 8:47 AM
> > To: [EMAIL PROTECTED]
> > Cc: [EMAIL PROTECTED]
> > Subject: Re: Switched network
> >
> >
> > TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message
> > to
> > [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any
> > problems!
> >
--------------------------------------------------------------------------
> > --
> >
> > I assume you would not recommend using a hub for performance reasons??
If
> > we use the
> > network tap approach, do you know of particular hardware vendors that
are
> > recommended?
> >
> > Brian Laing wrote:
> >
> > >
> > > Istvan,
> > >
> > > To implement IDS into a switched environment careful attention
> > needs to be
> > > spent examining the flow of traffic, and once that is known more time
> > spent
> > > on how much of that traffic you wish to see. Once you know that where
> > to
> > > place the IDS is much simpler.
> > > The main targets points for monitoring in a switched
> > environment,
> > are
> > > between switches, routers and individual machines. You can use any of
> > the
> > > following methods to monitor these connections. If your switch
supports
> > > mirroring or spanning of ports you can copy the traffic from the
target
> > port
> > > to your IDS on another port. Another solution is the use of network
> > taps.
> > > A tap is a hardware device that can be inserted between two
connections,
> > and
> > > copy the traffic off to your IDS. You could also use a Hub instead of
a
> > tap
> > > in some solutions but I would not recommend it.
> > >
> > > Brian
> >
> > --------------------------------------------------------
> > Ray Honeycutt 919.779.3055 Voice
> > President 919.779.3464 Fax
> > HCS Systems Inc. www.hcssystems.com
> > 4470 Zacks Mill Rd. [EMAIL PROTECTED]
> > Angier NC 27501, USA
> >
