Know How...

Mar 27th 2017

Know How... 297

Networking 101: Switches

What is a switch, Address Resolution Protocol, and the right hardware for you!

Although the show is no longer in production, you can enjoy episodes from the TWiT Archives.
Category: Help & How To

What is a switch and how does it work, ARP with poisoning, and find the right hardware for your network.

Switching    

Ok... let's talk about how switching works:
    
    ARP: Address Resolution Protocol
    * ARP maps a network (IP) address to a physical address
    -- For example, "192.168.1.77" isn't actually the name of an adapter on your network, even though it may have been assigned that address
    -- That adapter actually has a PHYSICAL address (in this case, an Ethernet address (MAC))
    -- Each host keeps its own ARP table (cache) of which IP address goes with which MAC. The switch keeps a separate table: which MAC it has seen on which port. The switch never looks at IP addresses at all.
    
    Example:
    ** This is assuming that everything has JUST been turned on, so every table is empty **
    * Computer 1, with IP address 10.10.1.55, on Switch A wants to send a packet to Computer 10, with IP address 10.10.1.100, on Switch C
    * There is no entry for that IP address in the ARP table on Computer 1, so it sends a BROADCAST frame to FF:FF:FF:FF:FF:FF asking "Who has 10.10.1.100?"
    * That broadcast hits Switch A, which notes which port Computer 1's MAC arrived on and then floods the frame out every other port
    -- That includes the ports leading to Switch B and Switch C, which learn Computer 1's MAC on their uplink ports and flood the frame to all of THEIR connected devices
    * Computer 10, connected to Switch C, hears the broadcast and replies directly to Computer 1's MAC: "I am 10.10.1.100, and my MAC is 00:00:00:11:11:11"
    * The reply passes through Switch C, which now knows that 00:00:00:11:11:11 is on Port 8
    * The reply passes through Switch A, which now knows that 00:00:00:11:11:11 is on Port 5 (the port leading toward Switch C)
    * The reply is received by Computer 1, which now knows that 10.10.1.100 is 00:00:00:11:11:11 and caches it. From here on, frames between the two are sent only out the learned ports instead of being flooded.
    

ARP Poisoning    

This system works... but the problem is that EVERY device can hear the broadcast message, and devices can be configured to LIE! ARP has no authentication at all: a host believes whatever reply it receives.
    
    Example:
    * A device on Switch B might listen for the broadcast, "Who has 10.10.1.1?" (the gateway) and then reply, "I am 10.10.1.1, and my MAC is 00:00:00:aa:aa:aa"
    -- Now the device that was looking for the gateway will send all the traffic intended for the gateway to the liar instead.
    -- So that device can listen in to all the traffic the victim sends out to the Internet. If it quietly forwards that traffic on to the real gateway (and poisons the gateway's ARP table the same way for the return path), the victim never notices: a classic man-in-the-middle.
    -- It doesn't even have to win the race against the real gateway's reply: most hosts accept an ARP reply they never asked for, so the attacker can simply keep sending "I am 10.10.1.1" to the victim and overwrite the correct entry.
    -- Defenses: a static ARP entry for the gateway on critical hosts, an arpwatch-style tool that alerts when the MAC for an IP changes, and on managed switches, DHCP snooping with Dynamic ARP Inspection, which drops ARP replies that don't match the switch's record of which IP and MAC belong on which port.
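To make both walkthroughs concrete (the cold-start ARP resolution under "Switching" and the lying device under "ARP Poisoning"), here is a small simulation added to these notes; it is not code from the episode. It models switches that learn source MACs per port and flood what they don't know, hosts with an ARP cache that records when an IP's MAC changes (the arpwatch-style check mentioned above), and a rogue host on Switch B that claims the gateway's IP either by answering the broadcast or by sending an unsolicited reply. The topology, port numbers, IPs and MACs are constructed to match the text (Computer 1 on Switch A, Computer 10 on port 8 of Switch C, Switch A reaching Switch C through its port 5); the gateway and rogue MACs are assumed.

```python
# Toy model of switch MAC learning, ARP resolution and ARP poisoning. Added example
# for these show notes, not code from the episode; topology, port numbers, IPs and
# MACs are constructed to match the walkthrough above.
from collections import namedtuple

BROADCAST = "ff:ff:ff:ff:ff:ff"
# Ethernet src/dst plus the ARP fields. sender_ip is the field a liar spoofs.
ArpFrame = namedtuple("ArpFrame", "src_mac dst_mac op sender_ip sender_mac target_ip")


class Switch:
    """Learns source MACs per port; forwards known unicast, floods everything else."""
    def __init__(self):
        self.ports = {}      # port -> (device, port on the far device or None)
        self.mac_table = {}  # MAC -> port it was last seen on

    def receive(self, frame, in_port):
        self.mac_table[frame.src_mac] = in_port           # learn the source
        known = self.mac_table.get(frame.dst_mac)
        if frame.dst_mac != BROADCAST and known is not None:
            out_ports = [] if known == in_port else [known]
        else:
            out_ports = [p for p in self.ports if p != in_port]   # flood
        for p in out_ports:
            device, far_port = self.ports[p]
            if isinstance(device, Switch):
                device.receive(frame, far_port)
            else:
                device.receive(frame)


class Host:
    def __init__(self, ip, mac):
        self.ip, self.mac = ip, mac
        self.arp_cache = {}  # IP -> MAC
        self.alerts = []     # (ip, old_mac, new_mac): arpwatch-style change log

    def attach(self, switch, port):
        self.uplink = (switch, port)
        switch.ports[port] = (self, None)

    def send(self, frame):
        self.uplink[0].receive(frame, self.uplink[1])

    def arp_request(self, ip):
        self.send(ArpFrame(self.mac, BROADCAST, "who-has", self.ip, self.mac, ip))

    def arp_reply(self, to_mac, claimed_ip):
        # Answer as claimed_ip; a rogue host passes an IP that is not its own.
        self.send(ArpFrame(self.mac, to_mac, "is-at", claimed_ip, self.mac, ""))

    def receive(self, frame):
        if frame.dst_mac not in (self.mac, BROADCAST):
            return
        if frame.op == "who-has" and frame.target_ip == self.ip:
            self.arp_reply(frame.src_mac, self.ip)
        elif frame.op == "is-at":                 # accepted even if never requested
            old = self.arp_cache.get(frame.sender_ip)
            if old is not None and old != frame.sender_mac:
                self.alerts.append((frame.sender_ip, old, frame.sender_mac))
            self.arp_cache[frame.sender_ip] = frame.sender_mac


class RogueHost(Host):
    """Claims someone else's IP, by racing requests and/or unsolicited replies."""
    def __init__(self, ip, mac, spoof_ip, answer_requests=True):
        super().__init__(ip, mac)
        self.spoof_ip, self.answer_requests = spoof_ip, answer_requests

    def receive(self, frame):
        if self.answer_requests and frame.op == "who-has" and frame.target_ip == self.spoof_ip:
            self.arp_reply(frame.src_mac, self.spoof_ip)  # lie to whoever asked
        else:
            super().receive(frame)


def build_network(rogue_answers_requests=True):
    sw_a, sw_b, sw_c = Switch(), Switch(), Switch()
    c1 = Host("10.10.1.55", "00:00:00:00:00:01")        # Computer 1, Switch A port 1
    gw = Host("10.10.1.1", "00:00:00:00:00:fe")         # gateway (assumed MAC), Switch A port 2
    c10 = Host("10.10.1.100", "00:00:00:11:11:11")      # Computer 10, Switch C port 8
    bad = RogueHost("10.10.1.200", "00:00:00:aa:aa:aa", "10.10.1.1", rogue_answers_requests)
    c1.attach(sw_a, 1); gw.attach(sw_a, 2); c10.attach(sw_c, 8); bad.attach(sw_b, 4)
    sw_a.ports[5] = (sw_c, 1); sw_c.ports[1] = (sw_a, 5)   # A port 5 <-> C port 1
    sw_a.ports[6] = (sw_b, 1); sw_b.ports[1] = (sw_a, 6)   # A port 6 <-> B port 1
    return sw_a, sw_b, sw_c, c1, gw, c10, bad


def resolve_computer_10():
    """The walkthrough: Computer 1 resolves 10.10.1.100 from a cold start."""
    sw_a, _, sw_c, c1, _, c10, _ = build_network()
    c1.arp_request("10.10.1.100")
    return {"c1_cache": dict(c1.arp_cache),
            "switch_a_port_for_c10": sw_a.mac_table[c10.mac],
            "switch_c_port_for_c10": sw_c.mac_table[c10.mac]}


def poison_gateway(race):
    """race=True: the rogue answers the broadcast; race=False: unsolicited reply later."""
    _, _, _, c1, gw, _, bad = build_network(rogue_answers_requests=race)
    c1.arp_request("10.10.1.1")                # the real gateway answers first
    mac_after_request = c1.arp_cache["10.10.1.1"]
    if not race:
        bad.arp_reply(c1.mac, "10.10.1.1")     # victim never asked, still accepts it
    return {"mac_after_request": mac_after_request, "mac_now": c1.arp_cache["10.10.1.1"],
            "real_gateway_mac": gw.mac, "rogue_mac": bad.mac, "alerts": list(c1.alerts)}
```

Running resolve_computer_10() shows exactly the state the walkthrough ends in: Computer 1 caches 00:00:00:11:11:11 for 10.10.1.100, Switch C has that MAC on port 8, and Switch A has it on port 5. poison_gateway(True) shows the rogue's later reply overwriting the real gateway's entry, and poison_gateway(False) shows the same result without the rogue ever hearing a request; in both cases the victim's change log records the IP whose MAC flipped, which is the signal an arpwatch-style monitor alerts on.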

Switches

Things to consider when choosing a Switch:
    1. Speed
    2. Ports
    3. Management
    4. PoE
    5. Noise
            
    Speed:
    * Gigabit is the standard (and a Gigabit port will fall back to 100 or 10 Mbps when the device on the other end only supports that)
    * There are 10Gig switches, but they tend to be cost-prohibitive.  (Think 15-20x the price of a smart switch)
    * Look for the bandwidth of the switching fabric.
      - If you have a 4-port Gigabit switch, you need 8Gbps of switching fabric for every port to run at full speed in both directions at once. (2Gbps per port (1Gbps each way, full duplex) x number of ports)
            
    Ports
    * 8 Port is a good starting point
    * If possible, get one with an SFP or SFP+ port (a slot for a pluggable GBIC-style module, typically used for a fiber or faster uplink). (But this will add to the expense)
            
    The Perils of Daisy-Chaining        
    ** You CAN link switches together, but you'll be constrained by the throughput of the linking ports        
    * This is why we want "Home Runs" back to a centralized switch        
    * If you MUST daisy-chain, try to ensure that oft-requested and heavy-use devices are on the SAME switch, or at most 1-hop away.        
            
    Management
    * Managed switches let you enable some INCREDIBLE features, but tend to increase the price 2x-5x
    * Unmanaged switches are "Dumb Switches": They frame-switch, but that's about it.
    * "SMART" (semi-managed) switches don't give you the flexibility of Managed switches, but they WILL support things like QoS and VLANs.
    * Management is also where the security features live: port mirroring (so you can capture traffic on purpose rather than by ARP poisoning) is common on smart switches, while fully managed switches add things like port security (limiting which MACs may appear on a port), 802.1X, and DHCP snooping with Dynamic ARP Inspection.
            
    PoE
    * PoE adds very little to the cost of a switch. Get one that has AT LEAST a few PoE-enabled ports
    * This will allow you to power certain network devices with the same cable that delivers network connectivity.        
    * Cameras and IoT devices FTW!        
            
    Noise        
    * AVOID switches with fans. Especially rack-mounted switches that tend to use small-bladed, high-speed fans.        
    * UNLESS you are dedicating a data center/data closet that can be acoustically isolated        
            
    My Choices

    Netgear ProSAFE 8-Port Gigabit PoE Managed (Smart)    ~$80
    * 8 ports // 16Gbps fabric
    * They call it managed, but it's really Smart (QoS, VLAN, Port Mirroring)
    * 4 ports of PoE
    * Fanless

    Netgear ProSAFE 16-Port Gigabit PoE Managed (Smart)    ~$160
    * 16 ports // 32Gbps fabric
    * Smart Managed (QoS, VLAN, Port Mirroring)
    * 8 ports of PoE
    * Noisy Fan!

    Cisco SG300 10-Port Gigabit Managed Switch    ~$150
    * 10 ports
    * Managed
    * No PoE

Thanks to CacheFly for the bandwidth for this show.