TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------
OK, guys. Who is going to put an unmanaged piece of equipment off the
Inet router? Not me. It's gonna be managed, and that means its gonna be
at LEAST a simple cut-through. Is this thread usefull?
"Bridge, Jim" wrote:
>
> TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
> [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
> ----------------------------------------------------------------------------
>
> Dane,
> and apologies for my semantics... but really, guys, unless you are saying a
> hub burning ONE port vs. a switch burning ONE port.
>
> Load parallel networks. Off the internet router place a 24 port 10bT HUB.
> Off a separate internet router place a 24 port 10bT SWITCH. Install 20
> users, 2 printers, a OS file server and and a mail server. Load the network
> traffic to 30% utilization of the wire.
>
> Tell me in this scenario that a hub is ACTUALLY faster than a switch.
>
> -----Original Message-----
> From: Dane Paone [mailto:[EMAIL PROTECTED]]
> Sent: Monday, December 13, 1999 11:11 PM
> To: Bridge, Jim
> Cc: 'Luff, Darryl'; [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: Re: Switched network
>
> Actually,
> Mr. Luff is correct in his views on the apparent difference in
> "speed" of packets flowing through hubs/switches. Hubs are simple
> repeating devices and instantly forward traffic on all ports. Switches,
> whether of the "store and forward" or "cut through" type, always add
> some barely perceptible, but measureable, latency to a network. This is
> because of the extra overhead the switch must deal with in order to send
> packets to their correct destinations on the separate collision domains
> on each port of the switch. You can think of a switch as a sort of
> automatic simplified "router" in a way since the function it performs is
> much like a router, without having the functionality of firewalls,
> TCP/IP routing tables etc.
> The situation where a switch is indeed "faster" than a hub is when a
> port on a switch is communicating with a NIC at FULL duplex rather than
> HALF duplex like a normal repeating hub. This is because the available
> bandwidth is effectively doubled for that port and the NIC connected to
> it. Think of it this way: half duplex is a one lane road, and full
> duplex is a two lane road.
> It's not the speed of the traffic on these two roads, it's the fact that
> traffic can move in both directions at the same time on one road and
> only in one direction at once on the other.
> This is becoming rather long winded but I wanted to make one other
> point: when there is constant traffic on a repeating hub the collision
> rate climbs as the traffic does, whereas on a switch this is lessened
> because traffic is directed to the respective ports the sources and
> destinations are on and traffic is not REPEATED over all ports, breaking
> up the collision domains and lessening the overall impact on the
> network.
> Sorry for the preaching guys =)
>
> Dane
>
> "Bridge, Jim" wrote:
> >
> > TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message
> to
> > [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any
> problems!
> >
> ----------------------------------------------------------------------------
> >
> > You are mixing terminology here. Ethernet? Token Ring? or any other? A Hub
> > (what speed) is not "faster" than a Switch (what speed), unless the hub is
> > 100 and has only one device connected to the backbone, and the switch is a
> > 10bT device.
> >
> > Jim
> >
> > -----Original Message-----
> > From: Luff, Darryl [mailto:[EMAIL PROTECTED]]
> > Sent: Monday, December 06, 1999 10:58 PM
> > To: [EMAIL PROTECTED]
> > Cc: [EMAIL PROTECTED]
> > Subject: RE: Switched network
> >
> > TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message
> to
> > [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any
> > problems!
> >
> ----------------------------------------------------------------------------
> >
> > A hub isn't necessarily bad, it depends where the traffic's going. The hub
> > actually forwards packets faster than a switch (less latency). The switch
> > gets it's performance by allowing multiple conversations to carry on in
> > parallel.
> >
> > If you're monitoring a point-to-point link between a firewall and a
> switch,
> > inserting a hub wont make much difference to performance. The traffic is
> the
> > same (barring traffic generated by the monitor itself, which is hopefully
> > fairly light).
> >
> > Even on something like a DMZ with multiple servers, where practically all
> > traffic is between the firewall port and one or the other of the servers,
> a
> > switch doesn't help performance much because all traffic is still queued
> up
> > for the single port the firewall is connected to. In this case replacing
> the
> > switch with a hub shouldn't make much difference - only one machine can
> talk
> > to the firewall at a time anyway.
> >
> > Where switches do work well is on segments with multiple hosts, where
> > traffic flows in a mesh between many pairs of hosts. Here the switch is
> > providing a big performance improvement by isolating conversations between
> > different pairs of hosts. Replacing this switch with a hub would increase
> > the utilisation on the segment, and so probably cause increased collisions
> > and poor performance.
> >
> > Darryl
> >
> > > -----Original Message-----
> > > From: Ray Honeycutt (HCS) [SMTP:[EMAIL PROTECTED]]
> > > Sent: Saturday, December 04, 1999 8:47 AM
> > > To: [EMAIL PROTECTED]
> > > Cc: [EMAIL PROTECTED]
> > > Subject: Re: Switched network
> > >
> > >
> > > TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message
> > > to
> > > [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any
> > > problems!
> > >
> --------------------------------------------------------------------------
> > > --
> > >
> > > I assume you would not recommend using a hub for performance reasons??
> If
> > > we use the
> > > network tap approach, do you know of particular hardware vendors that
> are
> > > recommended?
> > >
> > > Brian Laing wrote:
> > >
> > > >
> > > > Istvan,
> > > >
> > > > To implement IDS into a switched environment careful attention
> > > needs to be
> > > > spent examining the flow of traffic, and once that is known more time
> > > spent
> > > > on how much of that traffic you wish to see. Once you know that where
> > > to
> > > > place the IDS is much simpler.
> > > > The main targets points for monitoring in a switched
> > > environment,
> > > are
> > > > between switches, routers and individual machines. You can use any of
> > > the
> > > > following methods to monitor these connections. If your switch
> supports
> > > > mirroring or spanning of ports you can copy the traffic from the
> target
> > > port
> > > > to your IDS on another port. Another solution is the use of network
> > > taps.
> > > > A tap is a hardware device that can be inserted between two
> connections,
> > > and
> > > > copy the traffic off to your IDS. You could also use a Hub instead of
> a
> > > tap
> > > > in some solutions but I would not recommend it.
> > > >
> > > > Brian
> > >
> > > --------------------------------------------------------
> > > Ray Honeycutt 919.779.3055 Voice
> > > President 919.779.3464 Fax
> > > HCS Systems Inc. www.hcssystems.com
> > > 4470 Zacks Mill Rd. [EMAIL PROTECTED]
> > > Angier NC 27501, USA
> > >
--
Daemeon Reiydelle
Systems Engineer, Anthropomorphics Inc.
[EMAIL PROTECTED]
