1

How Ethernet Works

In today's business world, reliable and efficient access to information has become
an important asset in the quest to achieve a competitive advantage. File cabinets
and mountains of papers have given way to computers that store and manage
information electronically. Coworkers thousands of miles apart can share
information instantaneously, just as hundreds of workers in a single location can
simultaneously review research data maintained online.
Computer networking technologies are the glue that binds these elements together.
The public Internet allows businesses around the world to share information with
each other and their customers. The global computer network known as the World
Wide Web provides services that let consumers buy books, clothes, and even cars
online, or auction those same items off when no longer wanted.
In this article, we will take a very close look at networking, and in particular the
Ethernet networking standard, so you can understand the actual mechanics of how
all of these computers connect to one another.
Why Network?
Networking allows one computer to send information to and receive information
from another. We may not always be aware of the numerous times we access
information on computer networks. Certainly the Internet is the most conspicuous
example of computer networking, linking millions of computers around the world,
but smaller networks play a role in information access on a daily basis. Many public
libraries have replaced their card catalogs with computer terminals that allow
patrons to search for books far more quickly and easily. Airports have numerous
screens displaying information regarding arriving and departing flights. Many retail
stores feature specialized computers that handle point-of-sale transactions. In each
of these cases, networking allows many different devices in multiple locations to
access a shared repository of data.

2
Before getting into the details of a networking standard like Ethernet, we must first
understand some basic terms and classifications that describe and differentiate
network technologies -- so let's get started!

Local Area vs. Wide Area

We can classify network technologies as belonging to one of two basic
groups. Local area network (LAN) technologies connect many devices that are
relatively close to each other, usually in the same building. The library terminals
that display book information would connect over a local area network. Wide area
network (WAN) technologies connect a smaller number of devices that can be
many kilometers apart. For example, if two libraries at the opposite ends of a city
wanted to share their book catalog information, they would most likely make use of
a wide area network technology, which could be a dedicated line leased from the
local telephone company, intended solely to carry their data.
In comparison to WANs, LANs are faster and more reliable, but improvements in
technology continue to blur the line of demarcation. Fiber optic cables have
allowed LAN technologies to connect devices tens of kilometers apart, while at the
same time greatly improving the speed and reliability of WANs.
The Ethernet
In 1973, at Xerox Corporations Palo Alto Research Center (more commonly known
as PARC), researcher Bob Metcalfe designed and tested the first Ethernet network.
While working on a way to link Xeroxs "Alto computer to a printer, Metcalfe
developed the physical method of cabling that connected devices on the Ethernet
as well as the standards that governed communication on the cable. Ethernet has
since become the most popular and most widely deployed network technology in
the world. Many of the issues involved with Ethernet are common to many network
technologies, and understanding how Ethernet addressed these issues can provide
a foundation that will improve your understanding of networking in general.
The Ethernet standard has grown to encompass new technologies as computer
networking has matured, but the mechanics of operation for every Ethernet network
today stem from Metcalfes original design. The original Ethernet described
communication over a single cable shared by all devices on the network. Once a
device attached to this cable, it had the ability to communicate with any other
attached device. This allows the network to expand to accommodate new devices
without requiring any modification to those devices already on the network.
Ethernet Basics

3
Ethernet is a local area technology, with networks traditionally operating within a
single building, connecting devices in close proximity. At most, Ethernet devices
could have only a few hundred meters of cable between them, making it impractical
to connect geographically dispersed locations. Modern advancements have
increased these distances considerably, allowing Ethernet networks to span tens of
kilometers.

Protocols
In networking, the term protocol refers to a set of rules that govern
communications. Protocols are to computers what language is to humans. Since this
article is in English, to understand it you must be able to read English. Similarly, for
two devices on a network to successfully communicate, they must both Ethernet
Terminology
Ethernet follows a simple set of rules that govern its basic operation. To better
understand these rules, it is important to understand the basics of Ethernet
terminology.

Medium - Ethernet devices attach to a common medium that provides a path

along which the electronic signals will travel. Historically, this medium has
been coaxial copper cable, but today it is more commonly a twisted pair or
fiber optic cabling.

Segment - We refer to a single shared medium as an Ethernet segment.

Node - Devices that attach to that segment are stations or nodes.

Frame - The nodes communicate in short messages called frames, which are
variably sized chunks of information.

Frames are analogous to sentences in human language. In English, we have rules

for constructing our sentences: We know that each sentence must contain a subject
and a predicate. The Ethernet protocol specifies a set of rules for constructing
frames. There are explicit minimum and maximum lengths for frames, and a set of
required pieces of information that must appear in the frame. Each frame must
include, for example, both a destination address and a source address, which
identify the recipient and the sender of the message. The address uniquely
identifies the node, just as a name identifies a particular person. No two Ethernet
devices should ever have the same address.

Ethernet Medium
Since a signal on the Ethernet medium reaches every attached node, the
destination address is critical to identify the intended recipient of the frame.
For example, in the figure above, when computer B transmits to printer C,
computers A and D will still receive and examine the frame. However, when a
station first receives a frame, it checks the destination address to see if the frame is
intended for itself. If it is not, the station discards the frame without even examining
its contents.
One interesting thing about Ethernet addressing is the implementation of
a broadcast address. A frame with a destination address equal to the broadcast
address (simply called a broadcast, for short) is intended for every node on the
network, and every node will both receive and process this type of frame.
CSMA/CD
The acronym CSMA/CD signifies carrier-sense multiple access with collision
detection and describes how the Ethernet protocol regulates communication
among nodes. While the term may seem intimidating, if we break it apart into its
component concepts we will see that it describes rules very similar to those that
people use in polite conversation. To help illustrate the operation of Ethernet, we
will use an analogy of a dinner table conversation.
Lets represent our Ethernet segment as a dinner table, and let several people
engaged in polite conversation at the table represent the nodes. The term multiple
access covers what we already discussed above: When one Ethernet station
transmits, all the stations on the medium hear the transmission, just as when one
person at the table talks, everyone present is able to hear him or her.

5
Now let's imagine that you are at the table and you have something you would like
to say. At the moment, however, I am talking. Since this is a polite conversation,
rather than immediately speak up and interrupt, you would wait until I finished
talking before making your statement. This is the same concept described in the
Ethernet protocol as carrier sense. Before a station transmits, it "listens" to the
medium to determine if another station is transmitting. If the medium is quiet, the
station recognizes that this is an appropriate time to transmit.
Collision Detection
Carrier-sense multiple access gives us a good start in regulating our conversation,
but there is one scenario we still need to address. Lets go back to our dinner table
analogy and imagine that there is a momentary lull in the conversation. You and I
both have something we would like to add, and we both "sense the carrier" based
on the silence, so we begin speaking at approximately the same time. In Ethernet
terminology, a collision occurs when we both spoke at once.
In our conversation, we can handle this situation gracefully. We both hear the other
speak at the same time we are speaking, so we can stop to give the other person a
chance to go on. Ethernet nodes also listen to the medium while they transmit to
ensure that they are the only station transmitting at that time. If the stations hear
their own transmission returning in a garbled form, as would happen if some other
station had begun to transmit its own message at the same time, then they know
that a collision occurred. A single Ethernet segment is sometimes called a collision
domain because no two stations on the segment can transmit at the same time
without causing a collision. When stations detect a collision, they cease
transmission, wait a random amount of time, and attempt to transmit when they
again detect silence on the medium.
The random pause and retry is an important part of the protocol. If two stations
collide when transmitting once, then both will need to transmit again. At the next
appropriate chance to transmit, both stations involved with the previous collision
will have data ready to transmit. If they transmitted again at the first opportunity,
they would most likely collide again and again indefinitely. Instead, the random
delay makes it unlikely that any two stations will collide more than a few times in a
row.
Limitations of Ethernet
A single shared cable can serve as the basis for a complete Ethernet network, which
is what we discussed above. However, there are practical limits to the size of our
Ethernet network in this case. A primary concern is the length of the shared cable.
Electrical signals propagate along a cable very quickly, but they weaken as they
travel, and electrical interference from neighboring devices (fluorescent lights, for
example) can scramble the signal. A network cable must be short enough that

6
devices at opposite ends can receive each other's signals clearly and with minimal
delay. This places a distance limitation on the maximum separation between two
devices (called the network diameter) on an Ethernet network. Additionally, since
in CSMA/CD only a single device can transmit at a given time, there are practical
limits to the number of devices that can coexist in a single network. Attach too
many devices to one shared segment and contention for the medium will increase.
Every device may have to wait an inordinately long time before getting a chance to
transmit.
Engineers have developed a number of network devices that alleviate these
difficulties. Many of these devices are not specific to Ethernet, but play roles in
other network technologies as well.
Repeaters
The first popular Ethernet medium was a copper coaxial cable known as "thicknet."
The maximum length of a thick net cable was 500 meters. In large building or
campus environments, a 500-meter cable could not always reach every network
device. A repeater addresses this problem.
Repeaters connect multiple Ethernet segments, listening to each segment and
repeating the signal heard on one segment onto every other segment connected to
the repeater. By running multiple cables and joining them with repeaters, you can
significantly increase your network diameter.
Segmentation In our dinner table analogy, we had only a few people at a table
carrying out the conversation, so restricting ourselves to a single speaker at any
given time was not a significant barrier to communication. But what if there were
many people at the table and only one were allowed to speak at any given time?
In practice, we know that the analogy breaks down in circumstances such as these.
With larger groups of people, it is common for several different conversations to
occur simultaneously. If only one person in a crowded room or at a banquet dinner
were able to speak at any time, many people would get frustrated waiting for a
chance to talk. For humans, the problem is self-correcting: Voices only carry so far,
and the ear is adept at picking out a particular conversation from the surrounding
noise. This makes it easy for us to have many small groups at a party converse in
the same room; but network cables carry signals quickly and efficiently over long
distances, so this natural segregation of conversations does not occur.
Ethernet networks faced congestion problems as they increased in size. If a large
number of stations connected to the same segment and each generated a sizable
amount of traffic, many stations may attempt to transmit whenever there was an
opportunity. Under these circumstances, collisions would become more frequent and
could begin to choke out successful transmissions, which could take inordinately
large amounts of time to complete. One way to reduce congestion would be to split

7
a single segment into multiple segments, thus creating multiple collision
domains. This solution creates a different problem, as now these now separate
segments are not able to share information with each other

Bridges
To alleviate problems with segmentation, Ethernet networks implemented bridges.
Bridges connect two or more network segments, increasing the network diameter as
a repeater does, but bridges also help regulate traffic. They can send and receive
transmissions just like any other node, but they do not function the same as a
normal node. The bridge does not originate any traffic of its own; like a repeater, it
only echoes what it hears from other stations. (That last statement is not entirely
accurate: Bridges do create a special Ethernet frame that allows them to
communicate with other bridges, but that is outside the scope of this article.)
Remember how the multiple access and shared medium of Ethernet meant that
every station on the wire received every transmission, whether it was the intended
recipient or not? Bridges make use of this feature to relay traffic between segments.
In the figure above, the bridge connects segments 1 and 2. If station A or B were to
transmit, the bridge would also receive the transmission on segment 1. How should
the bridge respond to this traffic? It could automatically transmit the frame onto
segment 2, like a repeater, but that would not relieve congestion, as the network
would behave like one long segment.
One goal of the bridge is to reduce unnecessary traffic on both segments. It does
this by examining the destination address of the frame before deciding how to
handle it. If the destination address is that of station A or B, then there is no need
for the frame to appear on segment 2. In this case, the bridge does nothing. We can
say that the bridge filters or drops the frame. If the destination address is that of
station C or D, or if it is the broadcast address, then the bridge will transmit,
or forward the frame on to segment 2. By forwarding packets, the bridge allows
any of the four devices in the figure to communicate. Additionally, by filtering
packets when appropriate, the bridge makes it possible for station A to transmit to

8
station B at the same time that station C transmits to station D, allowing two
conversations to occur simultaneously!
Switches are the modern counterparts of bridges, functionally equivalent but
offering a dedicated segment for every node on the network (more on switches
later in the article).
Routers: Logical Segmentation
Bridges can reduce congestion by allowing multiple conversations to occur on
different segments simultaneously, but they have their limits in segmenting traffic
as well.
An important characteristic of bridges is that they forward Ethernet broadcasts to all
connected segments. This behavior is necessary, as Ethernet broadcasts are
destined for every node on the network, but it can pose problems for bridged
networks that grow too large. When a large number of stations broadcast on a
bridged network, congestion can be as bad as if all those devices were on a single
segment.
Routers are advanced networking components that can divide a single network
into two logically separate networks. While Ethernet broadcasts cross bridges in
their search to find every node on the network, they do not cross routers, because
the router forms a logical boundary for the network.
Routers operate based on protocols that are independent of the specific networking
technology, like Ethernet or token ring (we'll discuss token ring later). This allows
routers to easily interconnect various network technologies, both local and wide
area, and has led to their widespread deployment in connecting devices around the
world as part of the global Internet.

S
Switched Ethernet
Modern Ethernet implementations often look nothing like their historical
counterparts. Where long runs of coaxial cable provided attachments for multiple
stations in legacy Ethernet, modern Ethernet networks use twisted pair wiring or
fiber optics to connect stations in a radial pattern. Where legacy Ethernet
networks transmitted data at 10 megabits per second (Mbps), modern networks can
operate at 100 or even 1,000 Mbps!
Perhaps the most striking advancement in contemporary Ethernet networks is the
use of switched Ethernet. Switched networks replace the shared medium of
legacy Ethernet with a dedicated segment for each station. These segments
connect to a switch, which acts much like an Ethernet bridge, but can connect many
of these single station segments. Some switches today can support hundreds of
dedicated segments. Since the only devices on the segments are the switch and the
end station, the switch picks up every transmission before it reaches another node.
The switch then forwards the frame over the appropriate segment, just like a bridge,
but since any segment contains only a single node, the frame only reaches the

10
intended recipient. This allows many conversations to occur simultaneously on a
switched network.
Full-duplex Ethernet
Ethernet switching gave rise to advancement, full-duplex Ethernet. Full-duplex is a
data communications term that refers to the ability to send and receive data at the
same time.
Legacy Ethernet is half-duplex, meaning information can move in only one direction
at a time. In a totally switched network, nodes only communicate with the switch
and never directly with each other. Switched networks also employ either twisted
pair or fiber optic cabling, both of which use separate conductors for sending and
receiving data. In this type of environment, Ethernet stations can forgo the collision
detection process and transmit at will, since they are the only potential devices that
can access the medium. This allows end stations to transmit to the switch at the
same time that the switch transmits to them, achieving a collisionfree environment.
Ethernet or 802.3?
You may have heard the term 802.3 used in place of or in conjunction with the term
Ethernet. "Ethernet" originally referred to a networking implementation
standardized by Digital, Intel and Xerox. (For this reason, it is also known as
the DIX standard.)
In February 1980, the Institute of Electrical and Electronics Engineers,
or IEEE (pronounced "I triple E"), created a committee to standardize network
technologies. The IEEE titled this the 802 working group, named after the year and
month of its formation. Subcommittees of the 802 working group separately
addressed different aspects of networking. The IEEE distinguished each
subcommittee by numbering it 802.X, with X representing a unique number for each
subcommittee. The 802.3 group standardized the operation of a CSMA/CD network
that was functionally equivalent to the DIX Ethernet.
Ethernet and 802.3 differ slightly in their terminology and the data format for their
frames, but are in most respects identical. Today, the term Ethernet refers
generically to both the DIX Ethernet implementation and the IEEE 802.3 standard.

11

Alternative Network Technologies: Token Ring

The most common local area network alternative to Ethernet is a network
technology developed by IBM, called token ring. Where Ethernet relies on the
random gaps between transmissions to regulate access to the medium, token ring
implements a strict, orderly access method. A token-ring network arranges nodes in
a logical ring, as shown below. The nodes forward frames in one direction around
the ring, removing a frame when it has circled the ring once.
1. The ring initializes by creating a token, which is a special type of frame that
gives a station permission to transmit.
2. The token circles the ring like any frame until it encounters a station that
wishes to transmit data.
3. This station then "captures" the token by replacing the token frame with a
data-carrying frame, which encircles the network.
4. Once that data frame returns to the transmitting station, that station
removes the data frame, creates a new token and forwards that token on to
the next node in the ring.
Token-ring nodes do not look for a carrier signal or listen for collisions; the presence
of the token frame provides assurance that the station can transmit a data frame
without fear of another station interrupting. Because a station transmits only a
single data frame before passing the token along, each station on the ring will get a
turn to communicate in a deterministic and fair manner. Token-ring networks
typically transmit data at either 4 or 16 Mbps.

12
Fiber-distributed data interface (FDDI) is another token-passing technology that
operates over a pair of fiber optic rings, with each ring passing a token in opposite
directions. FDDI networks offered transmission speeds of 100 Mbps, which initially
made them quite popular for high-speed networking. With the advent of 100-Mbps
Ethernet, which is cheaper and easier to administer, FDDI has waned in popularity.
Alternative Network Technologies: Asynchronous transfer mode
A final network technology that bears mentioning is asynchronous transfer
mode, or ATM. ATM networks blur the line between local and wide area networking,
being able to attach many different devices with high reliability and at high speeds,
even across the country. ATM networks are suitable for carrying not only data, but
voice and video traffic as well, making them versatile and expandable. While ATM
has not gained acceptance as rapidly as originally predicted, it is nonetheless a
solid network technology for the future.
Ethernets popularity continues to grow. With almost 30 years of industry
acceptance, the standard is well known and well understood, which makes
configuration and troubleshooting easier. As other technologies advanced, Ethernet
has evolved to keep pace, increasing in speed and functionality.

The Internet is one of the 20th century's greatest communications developments. It

allows people around the world to send e-mail to one another in a matter of
seconds, and it lets you read, among other things, the articles
on HowStuffWorks.com.

13
We're all used to seeing the various parts of the Internet that come into our homes
and offices the Web pages, e-mail messages and downloaded files that make the
Internet a dynamic and valuable medium. But none of these parts would ever make
it to your computer without a piece of the Internet that you've probably never seen.
In fact, most people have never stood "face to machine" with the technology most
responsible for allowing the Internet to exist at all: the router.
When you send e-mail to a friend on the other side of the country, how does the
message know to end up on your friend's computer, rather than on one of the
millions of other computers in the world? Much of the work to get a message from
one computer to another is done by routers, because they're the crucial devices
that let messages flow between networks, rather than within networks.
Let's look at what a very simple router might do. Imagine a small company that
makes animated 3-D graphics for local television stations. There are 10 employees
of the company, each with a computer. Four of the employees are animators, while
the rest are in sales, accounting and management. The animators will need to send
lots of very large files back and forth to one another as they work on projects. To do
this, they'll use a network.
When one animator sends a file to another, the very large file will use up most of
the network's capacity, making the network run very slowly for other users. One of
the reasons that a single intensive user can affect the entire network stems from
the way that Ethernet works. Each information packet sent from a computer is seen
by all the other computers on the local network. Each computer then examines the
packet and decides whether it was meant for its address. This keeps the basic plan
of the network simple, but has performance consequences as the size of the
network or level of network activity increases. To keep the animators' work from
interfering with that of the folks in the front office, the company sets up two
separate networks, one for the animators and one for the rest of the company. A
router links the two networks and connects both networks to the Internet.
Directing Traffic
The router is the only device that sees every message sent by any computer on
either of the company's networks. When the animator in our example sends a huge
file to another animator, the router looks at the recipient's address and keeps the
traffic on the animator's network. When an animator, on the other hand, sends a
message to the bookkeeper asking about an expense-account check, then the
router sees the recipient's address and forwards the message between the two
networks.
One of the tools a router uses to decide where a packet should go is
a configuration table. A configuration table is a collection of information,
including:

14

Information on which connections lead to particular groups of addresses

Priorities for connections to be used

Rules for handling both routine and special cases of traffic

A configuration table can be as simple as a half-dozen lines in the smallest routers,

but can grow to massive size and complexity in the very large routers that handle
the bulk of Internet messages.
A router, then, has two separate but related jobs:

The router ensures that information doesn't go where it's not needed. This is
crucial for keeping large volumes of data from clogging the connections of
"innocent bystanders."

The router makes sure that information does make it to the intended
destination.

In performing these two jobs, a router is extremely useful in dealing with two
separate computer networks. It joins the two networks, passing information from
one to the other and, in some cases, performing translations of
various protocols between the two networks. It also protects the networks from
one another, preventing the traffic on one from unnecessarily spilling over to the
other. As the number of networks attached to one another grows, the configuration
table for handling traffic among them grows, and the processing power of the router
is increased. Regardless of how many networks are attached, though, the basic
operation and function of the router remains the same. Since the Internet is one
huge network made up of tens of thousands of smaller networks, its use of routers
is an absolute necessity.
Transmitting Packets
When you make a telephone call to someone on the other side of the country, the
telephone system establishes a stable circuit between your telephone and the
telephone you're calling. The circuit might involve a half dozen or more steps
through copper cables, switches, fiber optics, microwaves and satellites, but those
steps are established and remain constant for the duration of the call. This circuit
approach means that the quality of the line between you and the person you're
calling is consistent throughout the call, but a problem with any portion of the
circuit -- maybe a tree falls across one of the lines used, or there's a power problem
with a switch -- brings your call to an early and abrupt end. When you send an email message with an attachment to the other side of the country, a very different
process is used.
Internet data, whether in the form of a Web page, a downloaded file or an email message, travels over a system known as a packet-switching network. In

15
this system, the data in a message or file is broken up into packages about
1,500 bytes long. Each of these packages gets a wrapper that includes information
on the sender's address, the receiver's address, the package's place in the entire
message, and how the receiving computer can be sure that the package arrived
intact. Each data package, called a packet, is then sent off to its destination via the
best available route -- a route that might be taken by all the other packets in the
message or by none of the other packets in the message. This might seem very
complicated compared to the circuit approach used by the telephone system, but in
a network designed for data there are two huge advantages to the packet-switching
plan.

The network can balance the load across various pieces of equipment on a
millisecond-by-millisecond basis.

If there is a problem with one piece of equipment in the network while a

message is being transferred, packets can be routed around the problem,
ensuring the delivery of the entire message.

The Path of a Packet

The routers that make up the main part of the Internet can reconfigure the
paths that packets take because they look at the information surrounding the data
packet, and they tell each other about line conditions, such as delays in receiving
and sending data and traffic on various pieces of the network. Not all routers do so
many jobs, however. Routers come in different sizes. For example:

If you have enabled Internet connection sharing between two Windows 98based computers, you're using one of the computers (the computer with the
Internet connection) as a simple router. In this instance, the router does so
little -- simply looking at data to see whether it's intended for one computer
or the other -- that it can operate in the background of the system without
significantly affecting the other programs you might be running.

Slightly larger routers, the sort used to connect a small office network to the
Internet, will do a bit more. These routers frequently enforce rules concerning
security for the office network (trying to secure the network from certain
attacks). They handle enough traffic that they're generally stand-alone
devices rather than software running on a server.

The largest routers, those used to handle data at the major traffic points on
the Internet, handle millions of data packets every second and work to
configure the network most efficiently. These routers are large stand-alone

16
systems that have far more in common with supercomputers than with your
office server.

Routing Packets: An Example

Let's take a look at a medium-sized router -- the router we use in the office. In our case, the router only
has two networks to worry about: The office network, with about 50 computers and devices, and the
Internet. The office network connects to the router through an Ethernet connection, specifically a 100
base-T connection (100 base-T means that the connection is 100 megabits per second, and uses a
twisted-pair cable like an 8-wire version of the cable that connects your telephone to the wall jack). There
are two connections between the router and our ISP (Internet service provider). One is a T-1 connection
that supports 1.5 megabits per second. The other is an ISDN line that supports 128 kilobits per second.
The configuration table in the router tells it that all out-bound packets are to use the T-1 line, unless it's
unavailable for some reason (perhaps a backhoe digs up the cable). If it can't be used, then outbound
traffic goes on the ISDN line. This way, the ISDN line is held as "insurance" against a problem with the
faster T-1 connection, and no action by a staff member is required to make the switch in case of trouble.
The router's configuration table knows what to do.
In addition to routing packets from one point to another, the router has rules limiting how computers from
outside the network can connect to computers inside the network, how the network appears to the outside
world, and other security functions. While most companies also have a special piece of hardware or
software called a firewall to enforce security, the rules in a router's configuration table are important to
keeping a company's (or family's) network secure.
One of the crucial tasks for any router is knowing when a packet of information stays on its local network.
For this, it uses a mechanism called a subnet mask. The subnet mask looks like an IP address and
usually reads "255.255.255.0." This tells the router that all messages with the sender and receiver having
an address sharing the first three groups of numbers are on the same network, and shouldn't be sent out
to another network. Here's an example: The computer at address 15.57.31.40 sends a request to the
computer at 15.57.31.52. The router, which sees all the packets, matches the first three groups in the
address of both sender and receiver (15.57.31), and keeps the packet on the local network. (You'll learn
more about how the addresses work in the next section.)
Between the time these words left the Howstuffworks.com server and the time they showed up on your
monitor, they passed through several routers (it's impossible to know ahead of time exactly how many
"several" might be) that helped them along the way. It's very similar to the process that gets a postal letter
from your mailbox to the mailbox of a friend, with routers taking the place of the mail sorters and handlers
along the way.

Knowing Where to Send Data

Routers are one of several types of devices that make up the "plumbing" of a
computer network. Hubs, switches and routers all take signals from computers or
networks and pass them along to other computers and networks, but a router is the

17
only one of these devices that examines each bundle of data as it passes and
makes a decision about exactly where it should go. To make these decisions, routers
must first know about two kinds of information: addresses and network
structure.
When a friend mails a birthday card to be delivered to you at your house, he
probably uses an address that looks something like this:
The address has several pieces, each of which helps the people in the postal service
move the letter along to your house. The ZIP code can speed the process up; but
even without the ZIP code, the card will get to your house as long as your friend
includes your state, city and street address. You can think of this address as
a logical address because it describes a way someone can get a message to you.
This logical address is connected to a physical address that you generally only see
when you're buying or selling a piece of property. The survey plot of the land and
house, with latitude, longitude or section bearings, gives the legal description, or
address, of the property.
Logical Addresses
Every piece of equipment that connects to a network, whether an office network or
the Internet, has a physical address. This is an address that's unique to the piece of
equipment that's actually attached to the network cable. For example, if your
desktop computer has a network interface card (NIC) in it, the NIC has a physical
address permanently stored in a special memory location. This physical address,
which is also called the MAC address (for Media Access Control) has two parts, each
3 bytes long. The first 3 bytes identify the company that made the NIC. The second
3 bytes are the serial number of the NIC itself.
The interesting thing is that your computer can have several logical addresses at
the same time. Of course, you're used to having several "logical addresses" bring
messages to one physical address. Your mailing address, telephone number (or
numbers) and home e-mail address all work to bring messages to you when you're
in your house. They are simply used for different types of messages -- different
networks, so to speak.
Logical addresses for computer networks work in exactly the same way. You may be
using the addressing schemes, or protocols, from several different types of networks
simultaneously. If you're connected to the Internet (and if you're reading this, you
probably are), then you have an address that's part of the TCP/IP network protocol.
If you also have a small network set up to exchange files between several family
computers, then you may also be using the Microsoft NetBEUI protocol. If you
connect to your company's network from home, then your computer may have an
address that follows Novell's IPX/SPX protocol. All of these can coexist on your
computer. Since the driver software that allows your computer to communicate with
each network uses resources like memory and CPU time, you don't want to load

18
protocols you won't need, but there's no problem with having all the protocols your
work requires running at the same time.
MAC Addresses
The chances are very good that you'll never see the MAC address for any of your
equipment because the software that helps your computer communicate with a
network takes care of matching the MAC address to a logical address. The logical
address is what the network uses to pass information along to your computer.
If you'd like to see the MAC address and logical address used by the Internet
Protocol (IP) for your Windows computer, you can run a small program that Microsoft
provides. Go to the "Start" menu, click on "Run," and in the window that appears,
type WINIPCFG (IPCONFIG/ALL for Windows 2000/XP). When the gray window
appears, click on "More Info" and you'll get this sort of information:
Windows 98 IP Configuration:
Host Name: NAMEHOWSTUFFWORKS
DNS Servers: 208.153.64.20
&nbsp208.153.0.5
Node Type: Broadcast
NetBIOS Scope ID:
IP Routing Enabled: Yes
WINS Proxy Enabled: No
NetBIOS Resolution Uses DNS: No
Ethernet adapter:
Description: PPP Adapter
Physical Address: 44-45-53-54-12-34
DHCP Enabled: Yes
IP Address: 227.78.86.288
Subnet Mask: 255.255.255.0
Default Gateway: 227.78.86.288
DHCP Server: 255.255.255.255

19
Primary WINS Server:
Secondary WINS Server: Lease Obtained: 01 01 80 12:00:00 AM
Lease Expires: 01 01 80 12:00:00 AM
There's a lot of information here that will vary depending on exactly how your
connection to the Internet is established, but the physical address is the MAC
address of the adapter queried by the program. The IP address is the logical address
assigned to your connection by your ISP or network administrator. You'll see the
addresses of other servers, including the DNS servers that keep track of all the
names of Internet sites (so you can type "www.howstuffworks.com" rather than
"216.27.61.189") and the gateway server that you connect to in order to reach the
Internet. When you've finished looking at the information, click OK. (Note: For
security reasons, some of the information about this connection to the Internet has
been changed. You should be very careful about giving your computer's information
to other people -- with your address and the right tools, an unscrupulous person
could, in some circumstances, gain access to your personal information and control
your system through a "Trojan Horse" program.
Understanding the Protocols
The first and most basic job of the router is to know where to send information
addressed to your computer. Just as the mail handler on the other side of the
country knows enough to keep a birthday card coming toward you without knowing
where your house is, most of the routers that forward an e-mail message to you
don't know your computer's MAC address, but they know enough to keep the
message flowing.
Routers are programmed to understand the most common network protocols. That
means they know the format of the addresses, how many bytes are in the basic
package of data sent out over the network, and how to make sure all the packages
reach their destination and get reassembled. For the routers that are part of the
Internet's main "backbone," this means looking at, and moving on, millions of
information packages every second. And simply moving the package along to its
destination isn't all that a router will do. It's just as important, in today's
computerized world, that they keep the message flowing by the best possible
route.
In a modern network, every e-mail message is broken up into small pieces. The
pieces are sent individually and reassembled when they're received at their final
destination. Because the individual pieces of information are called packets and
each packet can be sent along a different path, like a train going through a set of
switches, this kind of network is called a packet-switched network. It means that
you don't have to build a dedicated network between you and your friend on the

20
other side of the country. Your e-mail flows over any one of thousands of different
routes to get from one computer to the other.
Depending on the time of day and day of the week, some parts of the huge public
packet-switched network may be busier than others. When this happens, the routers
that make up this system will communicate with one another so that traffic not
bound for the crowded area can be sent by less congested network routes. This lets
the network function at full capacity without excessively burdening already-busy
areas. You can see, though, how Denial of Service attacks (described in the next
section), in which people send millions and millions of messages to a particular
server, will affect that server and the routers forwarding message to it. As the
messages pile up and pieces of the network become congested, more and more
routers send out the message that they're busy, and the entire network with all its
users can be affected.
Tracing a Message
If you're using a Microsoft Windows-based system, you can see just how many
routers are involved in your Internet traffic by using a program you have on your
computer. The program is called Traceroute, and that describes what it does -- it
traces the route that a packet of information takes to get from your computer to
another computer connected to the Internet. To run this program, click on the "MSDOS Prompt" icon on the "Start" menu. Then, at the"C:\WINDOWS>" prompt,
type "tracert www.howstuffworks.com". When I did this from my office in
Florida, the results looked like this:
The first number shows how many routers are between your computer and the
router shown. In this instance, there were a total of 14 routers involved in the
process (number 15 is the Howstuffworks.com Web server). The next three numbers
show how long it takes a packet of information to move from your computer to the
router shown and back again. Next, in this example, starting with step six, comes
the "name" of the router or server. This is something that helps people looking at
the list but is of no importance to the routers and computers as they move traffic
along the Internet. Finally, you see the Internet Protocol (IP) address of each
computer or router. The final picture of this trace route shows that there were 14
routers between the Web server and me and that it took, on average, a little more
than 2.5 seconds for information to get from my computer to the server and back
again.
You can use Traceroute to see how many routers are between you and any other
computer you can name or know the IP address for. It can be interesting to see how
many steps are required to get to computers outside your nation. Since I live in the
United States, I decided to see how many routers were between my computer and
the Web server for the British Broadcasting Corporation. At
the C:\WINDOWS> prompt, I typed tracert www.bbc.com. The result was this:

21

You can see that it took only one more step to reach a Web server on the other side
of the Atlantic Ocean than it did to reach a server two states away!
On the next page, we'll go into detail about Denial of Service attacks.
Denial of Service Attacks
In the first quarter of 2000, there were several attacks on very popular Web sites.
Most of these were "Denial of Service" attacks -- attacks that served to prevent
regular readers and customers of the sites from getting a response to their
requests. How did someone manage to do this? They did it by flooding the servers,
and their attached routers, with requests for information at a rate far too great for
the system to handle.
Most routers have rules in the configuration table that won't allow millions of
requests from the same sending address. If too many requests from one address are
received in a short period of time, the router simply discards them without
forwarding. The people responsible for the attacks knew this, so they illicitly planted
programs on many different computers. These programs, when triggered, began
sending thousands of requests a minute to one or more Web sites. The programs
"spoofed" the IP address of the sender, placing a different false IP address on each
packet so that the routers' security rules wouldn't be triggered.
When the packet floods were triggered, millions of requests for information began
to hit the targeted Web sites. While the servers were being heavily taxed by the
requests, the real impact was to the routers just "upstream" from the servers.
Suddenly these routers, which were robust but of a size appropriate for normal
traffic, were getting the levels of requests normally associated with Internet
backbone routers. They couldn't handle the massive number of packets, and began
discarding packets and sending status messages to other routers stating that the

22
connection was full. As these messages cascaded through the routers leading to
attacked servers, all paths to the servers were clogged, legitimate traffic couldn't
get through the logjam, and the attackers' goals were accomplished.
Web content providers and router companies have placed new rules designed to
prevent such an attack in the configuration tables, and the companies and
universities whose computers were used to launch the attacks have worked to
prevent their systems being used maliciously. Whether their defenses, or the new
attacks designed by criminals, will prevail remains to be seen.
Backbone of the Internet
In order to handle all the users of even a large private network, millions and millions
of traffic packets must be sent at the same time. Some of the largest routers are
made by Cisco Systems, Inc., a company that specializes in networking hardware.
Cisco's Gigabit Switch Router 12000 series of routers is the sort of equipment
that is used on the backbone of the Internet. These routers use the same sort of
design as some of the most powerful supercomputers in the world, a design that
ties many different processors together with a series of extremely fast switches. The
12000 series uses 200-MHz MIPS R5000 processors, the same type of processor
used in the workstations that generate much of the computer animation and special
effects used in movies. The largest model in the 12000 series, the 12016, uses a
series of switches that can handle up to 320 billion bits of information per
second and, when fully loaded with boards, move as many as 60 million packets
of data every second. Beyond the computing power of the processors, these
routers can handle so much information because they are very highly specialized.
Relieved of the burden of displaying 3-D graphics and waiting for mouse input,
modern processors and software can cope with amazing amounts of information.
Even with the computing power available in a very large router, how does it know
which of the many possibilities for outbound connection a particular packet should
take? The answer lies back in the configuration table. The router will scan the
destination address and match that IP address against rules in the configuration
table. The rules will say that packets in a particular group of addresses (a group that
may be large or small, depending on precisely where the router is) should go in a
specific direction. Next the router will check the performance of the primary
connection in that direction against another set of rules. If the performance of the
connection is good enough, the packet is sent, and the next packet handled. If the
connection is not performing up to expected parameters, then an alternate is
chosen and checked. Finally, a connection will be found with the best performance
at a given moment, and the packet will be sent on its way. All of this happens in a
tiny fraction of a second, and this activity goes on millions of times a second,
around the world, 24 hours every day.

23
Knowing where and how to send a message is the most important job of a router.
Some simple routers do this and nothing more. Other routers add additional
functions to the jobs they perform. Rules about where messages from inside a
company may be sent and from which companies messages are accepted can be
applied to some routers. Others may have rules that help minimize the damage
from "denial of service" attacks. The one constant is that modern networks,
including the Internet, could not exist without the router.
How LAN Switches Work

In the case of the Internet, all of these pieces work together to allow your computer
to send information to another computer that could be on the other side of the
world!
Switches are another fundamental part of many networks because they speed
things up. Switches allow different nodes (a network connection point, typically a
computer) of a network to communicate directly with one another in a smooth and
efficient manner.
There are many different types of switches and networks. Switches that provide a
separate connection for each node in a company's internal network are called LAN
switches. Essentially, a LAN switch creates a series of instant networks that
contain only the two devices communicating with each other at that particular
moment. In this article, we will focus on Ethernet networks that use LAN switches.
You will learn what a LAN switch is and how transparent bridging works, as well as
about VLANs, trunking and spanning trees.

24

Networking Basics
Here are some of the fundamental parts of a network:

Network - A network is a group of computers connected together in a way

that allows information to be exchanged between the computers.

Node - A node is anything that is connected to the network. While a node is

typically a computer, it can also be something like a printer orCD-ROM tower.

Segment - A segment is any portion of a network that is separated, by a

switch, bridge or router, from other parts of the network.

Backbone - The backbone is the main cabling of a network that all of the
segments connect to. Typically, the backbone is capable of carrying more
information than the individual segments. For example, each segment may
have a transfer rate of 10 Mbps (megabits per second), while the backbone
may operate at 100 Mbps.

Topology - Topology is the way that each node is physically connected to the
network (more on this in the next section).

Local Area Network (LAN) - A LAN is a network of computers that are in

the same general physical location, usually within a building or a campus. If
the computers are far apart (such as across town or in different cities), then
a Wide Area Network (WAN) is typically used.

Network Interface Card (NIC) - Every computer (and most other devices)
is connected to a network through an NIC. In most desktop computers, this is
an Ethernet card (normally 10 or 100 Mbps) that is plugged into a slot on the
computer's motherboard.

Media Access Control (MAC) address - This is the physical address of any
device -- such as the NIC in a computer -- on the network. The MAC address,
which is made up of two equal parts, is 6 bytes long. The first 3 bytes identify
the company that made the NIC. The second 3 bytes are the serial number of
the NIC itself.

25

Unicast - A unicast is a transmission from one node addressed specifically to

another node.

Multicast - In a multicast, a node sends a packet addressed to a special

group address. Devices that are interested in this group register to receive
packets addressed to the group. An example might be aCisco router sending
out an update to all of the other Cisco routers.

Broadcast - In a broadcast, a node sends out a packet that is intended for

transmission to all other nodes on the network.

On the next page, we'll discuss some of the most common network topologies.

Bus network topology

Network Topologies
Some of the most common topologies in use today include:

26

Star network topology

A typical star bus network

Bus - Each node is daisy-chained (connected one right after the other)
along the same backbone, similar to Christmas lights. Information sent from a
node travels along the backbone until it reaches its destination node. Each
end of a bus network must be terminated with a resistor to keep the signal

27
that is sent by a node across the network from bouncing back when it
reaches the end of the cable.

Ring - Like a bus network, rings have the nodes daisy-chained. The difference
is that the end of the network comes back around to the first node, creating a
complete circuit. In a ring network, each node takes a turn sending and
receiving information through the use of a token. The token, along with any
data, is sent from the first node to the second node, which extracts the data
addressed to it and adds any data it wishes to send. Then, the second node
passes the token and data to the third node, and so on until it comes back
around to the first node again. Only the node with the token is allowed to
send data. All other nodes must wait for the token to come to them.

Star - In a star network, each node is connected to a central device called

a hub. The hub takes a signal that comes from any node and passes it along
to all the other nodes in the network. A hub does not perform any type of
filtering or routing of the data. It is simply a junction that joins all the different
nodes together.

Star bus - Probably the most common network topology in use today, star
bus combines elements of the star and bus topologies to create a versatile
network environment. Nodes in particular areas are connected to hubs
(creating stars), and the hubs are connected together along the network
backbone (like a bus network). Quite often, stars are nested within stars, as
seen in the example below:

The Problem: Traffic

In the most basic type of network found today, nodes are simply connected
together using hubs. As a network grows, there are some potential problems with
this configuration:

Scalability - In a hub network, limited shared bandwidth makes it difficult to

accommodate significant growth without sacrificing performance.
Applications today need more bandwidth than ever before. Quite often, the
entire network must be redesigned periodically to accommodate growth.

Latency - This is the amount of time that it takes a packet to get to its
destination. Since each node in a hub-based network has to wait for an
opportunity to transmit in order to avoid collisions, the latency can increase
significantly as you add more nodes. Or, if someone is transmitting a large
file across the network, then all of the other nodes have to wait for an
opportunity to send their own packets. You have probably seen this before at
work -- you try to access a server or the Internet and suddenly everything
slows down to a crawl.

28

Network failure - In a typical network, one device on a hub can cause

problems for other devices attached to the hub due to incorrect speed
settings (100 Mbps on a 10-Mbps hub) or excessive broadcasts. Switches can
be configured to limit broadcast levels.

Collisions - Ethernet uses a process called CSMA/CD (Carrier Sense Multiple

Access with Collision Detection) to communicate across the network. Under
CSMA/CD, a node will not send out a packet unless the network is clear of
traffic. If two nodes send out packets at the same time, a collision occurs and
the packets are lost. Then both nodes wait a random amount of time and
retransmit the packets. Any part of the network where there is a possibility
that packets from two or more nodes will interfere with each other is
considered to be part of the same collision domain. A network with a large
number of nodes on the same segment will often have a lot of collisions and
therefore a large collision domain.

While hubs provide an easy way to scale up and shorten the distance that the
packets must travel to get from one node to another, they do not break up the
actual network into discrete segments. That is where switches come in. In the next
section, you'll find out how switches assist in directing network traffic.

Imagine that each vehicle is a packet of data waiting for an opportunity to

continue on its trip.
The Solution: Adding Switches
Think of a hub as a four-way intersection where everyone has to stop. If more than
one car reaches the intersection at the same time, they have to wait for their turn
to proceed.
Now imagine what this would be like with a dozen or even a hundred roads
intersecting at a single point. The amount of waiting and the potential for a collision
increases significantly. But wouldn't it be amazing if you could take an exit ramp
from any one of those roads to the road of your choosing? That is exactly what a
switch does for network traffic. A switch is like a cloverleaf intersection -- each car

29
can take an exit ramp to get to its destination without having to stop and wait for
other traffic to go by.
A vital difference between a hub and a switch is that all the nodes connected to a
hub share the bandwidth among themselves, while a device connected to a switch
port has the full bandwidth all to itself. For example, if 10 nodes are
communicating using a hub on a 10-Mbps network, then each node may only get a
portion of the 10 Mbps if other nodes on the hub want to communicate as well. But
with a switch, each node could possibly communicate at the full 10 Mbps. Think
about our road analogy. If all of the traffic is coming to a common intersection, then
each car it has to share that intersection with every other car. But a cloverleaf
allows all of the traffic to continue at full speed from one road to the next.

An example of a network using a switch

Image courtesy Cisco Networks
Fully Switched Networks
In a fully switched network, switches replace all the hubs of an Ethernet network
with a dedicated segment for every node. These segments connect to a switch,
which supports multiple dedicated segments (sometimes in the hundreds). Since
the only devices on each segment are the switch and the node, the switch picks up
every transmission before it reaches another node. The switch then forwards the
frame over the appropriate segment. Since any segment contains only a single
node, the frame only reaches the intended recipient. This allows many
conversations to occur simultaneously on a switched network.
Switching allows a network to maintain full-duplex Ethernet. Before switching,
Ethernet was half-duplex, which means that data could be transmitted in only one
direction at a time. In a fully switched network, each node communicates only with
the switch, not directly with other nodes. Information can travel from node to switch
and from switch to node simultaneously.

30
Fully switched networks employ either twisted-pair or fiber-optic cabling, both of
which use separate conductors for sending and receiving data. In this type of
environment, Ethernet nodes can forgo the collision detection process and transmit
at will, since they are the only potential devices that can access the medium. In
other words, traffic flowing in each direction has a lane to itself. This allows nodes to
transmit to the switch as the switch transmits to them -- it's a collision-free
environment. Transmitting in both directions can effectively double the apparent
speed of the network when two nodes are exchanging information. If the speed of
the network is 10 Mbps, then each node can transmit simultaneously at 10 Mbps.

A mixed network with two switches and three hubs

Mixed Networks
Most networks are not fully switched because of the costs incurred in replacing all of
the hubs with switches.
Instead, a combination of switches and hubs are used to create an efficient yet costeffective network. For example, a company may have hubs connecting the
computers in each department and then a switch connecting all of the departmentlevel hubs.

31

The OSI Reference Model consists of seven layers that build from the wire
(Physical) to the software (Application).
Routers and Switches
You can see that a switch has the potential to radically change the way nodes
communicate with each other. But you may be wondering what makes it different
from arouter. Switches usually work atLayer 2 (Data or Datalink) of theOSI
Reference Model, using MAC addresses, while routers work atLayer 3 (Network) with
Layer 3 addresses (IP, IPX or Appletalk, depending on which Layer 3 protocols are
being used). Thealgorithm that switches use to decide how to forward packets is
different from the algorithms used by routers to forward packets.
One of these differences in the algorithms between switches and routers is
how broadcasts are handled. On any network, the concept of a broadcast packet is
vital to the operability of a network. Whenever a device needs to send out
information but doesn't know who it should send it to, it sends out a broadcast. For
example, every time a new computer or other device comes on to the network, it
sends out a broadcast packet to announce its presence. The other nodes (such as
a domain server) can add the computer to their browser list (kind of like an
address directory) and communicate directly with that computer from that point on.

32
Broadcasts are used any time a device needs to make an announcement to the rest
of the network or is unsure of who the recipient of the information should be.
A hub or a switch will pass along any broadcast packets they receive to all the other
segments in the broadcast domain, but a router will not. Think about our four-way
intersection again: All of the traffic passed through the intersection no matter where
it was going. Now imagine that this intersection is at an international border. To pass
through the intersection, you must provide the border guard with the specific
address that you are going to. If you don't have a specific destination, then the
guard will not let you pass. A router works like this. Without the specific address of
another device, it will not let the data packet through. This is a good thing for
keeping networks separate from each other, but not so good when you want to talk
between different parts of the same network. This is where switches come in.
Packet-switching
LAN switches rely on packet-switching. The switch establishes a connection
between two segments just long enough to send the current packet. Incoming
packets (part of an Ethernet frame) are saved to a temporary memory area
(buffer); the MAC address contained in the frame's header is read and then
compared to a list of addresses maintained in the switch's lookup table. In an
Ethernet-based LAN, an Ethernet frame contains a normal packet as the payload of
the frame, with a special header that includes the MAC address information for the
source and destination of the packet.
Packet-based switches use one of three methods for routing traffic:

Cut-through

Store-and-forward

Fragment-free

Cut-through switches read the MAC address as soon as a packet is detected by the
switch. After storing the 6 bytes that make up the address information, they
immediately begin sending the packet to the destination node, even as the rest of
the packet is coming into the switch.
A switch using store-and-forward will save the entire packet to the buffer and
check it for CRC errors or other problems before sending. If the packet has an error,
it is discarded. Otherwise, the switch looks up the MAC address and sends the
packet on to the destination node. Many switches combine the two methods, using
cut-through until a certain error level is reached and then changing over to storeand-forward. Very few switches are strictly cut-through, since this provides no error
correction.

33
A less common method is fragment-free. It works like cut-through except that it
stores the first 64 bytes of the packet before sending it on. The reason for this is
that most errors, and all collisions, occur during the initial 64 bytes of a packet.
Switch Configurations
LAN switches vary in their physical design. Currently, there are three popular
configurations in use:

Shared memory - This type of switch stores all incoming packets in a

common memory buffer shared by all the switch ports (input/output
connections), then sends them out via the correct port for the destination
node.

Matrix - This type of switch has an internal grid with the input ports and the
output ports crossing each other. When a packet is detected on an input port,
the MAC address is compared to the lookup table to find the appropriate
output port. The switch then makes a connection on the grid where these two
ports intersect.

Bus architecture - Instead of a grid, an internal transmission path

(common bus) is shared by all of the ports using TDMA. A switch based on
this configuration has a dedicated memory buffer for each port, as well as
an ASIC to control the internal bus access.

Transparent Bridging
Most Ethernet LAN switches use a very cool system called transparent
bridging to create their address lookup tables. Transparent bridging is a technology
that allows a switch to learn everything it needs to know about the location of nodes
on the network without the network administrator having to do anything.
Transparent bridging has five parts:

Learning

Flooding

Filtering

Forwarding

Aging

Here's how it works:

In the next section, you'll get a step-by-step description of how transparent bridging
works.

34

The switch is added to the network, and the various segments are plugged
into the switch's ports.

A computer (Node A) on the first segment (Segment A) sends data to a

computer (Node B) on another segment (Segment C).

The switch gets the first packet of data from Node A. It reads the MAC
address and saves it to the lookup table for Segment A. The switch now
knows where to find Node A anytime a packet is addressed to it. This process
is called learning.

Since the switch does not know where Node B is, it sends the packet to all of
the segments except the one that it arrived on (Segment A). When a switch
sends a packet out to all segments to find a specific node, it is
called flooding.

Node B gets the packet and sends a packet back to Node A in

acknowledgement.

The packet from Node B arrives at the switch. Now the switch can add the
MAC address of Node B to the lookup table for Segment C. Since the switch
already knows the address of Node A, it sends the packet directly to it.
Because Node A is on a different segment than Node B, the switch must
connect the two segments to send the packet. This is known as forwarding.

The next packet from Node A to Node B arrives at the switch. The switch now
has the address of Node B, too, so it forwards the packet directly to Node B.

Node C sends information to the switch for Node A. The switch looks at the
MAC address for Node C and adds it to the lookup table for Segment A. The
switch already has the address for Node A and determines that both nodes
are on the same segment, so it does not need to connect Segment A to
another segment for the data to travel from Node C to Node A. Therefore, the
switch will ignore packets traveling between nodes on the same segment.
This is filtering.

Learning and flooding continue as the switch adds nodes to the lookup tables.
Most switches have plenty of memory in a switch for maintaining the lookup
tables; but to optimize the use of this memory, they still remove older
information so that the switch doesn't waste time searching through stale
addresses. To do this, switches use a technique called aging. Basically, when
an entry is added to the lookup table for a node, it is given a timestamp. Each
time a packet is received from a node, the timestamp is updated. The switch
has a user-configurable timer that erases the entry after a certain amount of

35
time with no activity from that node. This frees up valuable memory
resources for other entries. As you can see, transparent bridging is a great
and essentially maintenance-free way to add and manage all the information
a switch needs to do its job!
In our example, two nodes share segment A, while the switch creates independent
segments for Node B and Node D. In an ideal LAN-switched network, every node
would have its own segment. This would eliminate the possibility of collisions and
also the need for filtering.

Redundancy
When we talked about bus and ring networks earlier, one issue was the possibility of
a single point of failure. In a star or star-bus network, the point with the most
potential for bringing all or part of the network down is the switch or hub. Look at
the example below:
In this example, if either switch A or C fails, then the nodes connected to that
particular switch are affected, but nodes at the other two switches can still
communicate. However, if switch B fails, then the entire network is brought down.
What if we add another segment to our network connecting switches A and C?

36

Broadcast Storms
In the last section, you discovered how switches learn where the nodes are located.
With all of the switches now connected in a loop, a packet from a node could quite
possibly come to a switch from two different segments. For example, imagine that
Node B is connected to Switch A, and needs to communicate with Node A on
Segment B. Switch A does not know who Node A is, so it floods the packet.
The packet travels via Segment A or Segment C to the other two switches (B and C).
Switch B will add Node B to the lookup table it maintains for Segment A, while
Switch C will add it to the lookup table for Segment C. If neither switch has learned
the address for Node A yet, they will flood Segment B looking for Node A. Each
switch will take the packet sent by the other switch and flood it back out again
immediately, since they still don't know who Node A is. Switch A will receive the
packet from each segment and flood it back out on the other segment. This causes
a broadcast storm as the packets are broadcast, received and rebroadcast by
each switch, resulting in potentially severe network congestion.
Which brings us to spanning trees...
Spanning Trees
To prevent broadcast storms and other unwanted side effects of looping, Digital
Equipment Corporation created the spanning-tree protocol (STP), which has been
standardized as the 802.1d specification by the Institute of Electrical and Electronic
Engineers (IEEE). Essentially, a spanning tree uses the spanning-tree
algorithm (STA), which senses that the switch has more than one way to
communicate with a node, determines which way is best and blocks out the other

37
path(s). The cool thing is that it keeps track of the other path(s), just in case the
primary path is unavailable.
Here's how STP works:
Each switch is assigned a group of IDs, one for the switch itself and one for each
port on the switch. The switch's identifier, called the bridge ID (BID), is 8 bytes
long and contains a bridge priority (2 bytes) along with one of the switch's MAC
addresses (6 bytes). Each port ID is 16 bits long with two parts: a 6-bit priority
setting and a 10-bit port number.
A path cost value is given to each port. The cost is typically based on a guideline
established as part of 802.1d. According to the original specification, cost is 1,000
Mbps (1 gigabit per second) divided by the bandwidth of the segment connected to
the port. Therefore, a 10 Mbps connection would have a cost of (1,000/10) 100.
To compensate for the speed of networks increasing beyond the gigabit range, the
standard cost has been slightly modified. The new cost values are:
Bandwidth 4 Mbps = 250 STP Cost Value
Bandwidth 10 Mbps = 100 STP Cost Value
Bandwidth 16 Mbps = 62 STP Cost Value
Bandwidth 45 Mbps = 39 STP Cost Value
Bandwidth 100 Mbps = 19 STP Cost Value
Bandwidth 155 Mbps = 14 STP Cost Value
Bandwidth 622 Mbps = 6 STP Cost Value
Bandwidth 1 Gbps = 4 STP Cost Value
Bandwidth 10 Gbps = 2 STP Cost Value
You should also note that the path cost can be an arbitrary value assigned by the
network administrator, instead of one of the standard cost values. Each switch
begins a discovery process to choose which network paths it should use for each
segment. This information is shared between all the switches by way of special
network frames called bridge protocol data units (BPDU). The parts of a BPDU
are:

Root BID - This is the BID of the current root bridge.

Path cost to root bridge - This determines how far away the root bridge is.
For example, if the data has to travel over three 100-Mbps segments to reach

38
the root bridge, then the cost is (19 + 19 + 0) 38. The segment attached to
the root bridge will normally have a path cost of zero.

Sender BID - This is the BID of the switch that sends the BPDU.

Port ID - This is the actual port on the switch that the BPDU was sent from.

All of the switches are constantly sending BPDUs to each other, trying to
determine the best path between various segments. When a switch receives
a BPDU (from another switch) that is better than the one it is broadcasting for
the same segment, it will stop broadcasting its BPDU out that segment.
Instead, it will store the other switch's BPDU for reference and for
broadcasting out to inferior segments, such as those that are farther away
from the root bridge.

A root bridge is chosen based on the results of the BPDU process between
the switches. Initially, every switch considers itself the root bridge. When a
switch first powers up on the network, it sends out a BPDU with its own BID
as the root BID. When the other switches receive the BPDU, they compare the
BID to the one they already have stored as the root BID. If the new root BID
has a lower value, they replace the saved one. But if the saved root BID is
lower, a BPDU is sent to the new switch with this BID as the root BID. When
the new switch receives the BPDU, it realizes that it is not the root bridge and
replaces the root BID in its table with the one it just received. The result is
that the switch that has the lowest BID is elected by the other switches as the
root bridge.

Based on the location of the root bridge, the other switches determine which
of their ports has the lowest path cost to the root bridge. These ports are
called root ports, and each switch (other than the current root bridge) must
have one.

The switches determine who will have designated ports. A designated port
is the connection used to send and receive packets on a specific segment. By
having only one designated port per segment, all looping issues are resolved!
Designated ports are selected based on the lowest path cost to the root
bridge for a segment. Since the root bridge will have a path cost of "0," any
ports on it that are connected to segments will become designated ports. For
the other switches, the path cost is compared for a given segment. If one port
is determined to have a lower path cost, it becomes the designated port for
that segment. If two or more ports have the same path cost, then the switch
with the lowest BID is chosen.

Once the designated port for a network segment has been chosen, any other
ports that connect to that segment become non-designated ports. They

39
block network traffic from taking that path so it can only access that segment
through the designated port.
Each switch has a table of BPDUs that it continually updates. The network is now
configured as a single spanning tree, with the root bridge as the trunk and all the
other switches as branches. Each switch communicates with the root bridge through
the root ports, and with each segment through the designated ports, thereby
maintaining a loop-free network. In the event that the root bridge begins to fail or
have network problems, STP allows the other switches to immediately reconfigure
the network with another switch acting as root bridge. This amazing process gives a
company the ability to have a complex network that is fault-tolerant and yet fairly
easy to maintain.

Layer 3 switches actually work at the Network layer.

Routers and Layer 3 Switching
While most switches operate at the Data layer (Layer 2) of the OSI Reference
Model, some incorporate features of a router and operate at the Network
layer (Layer 3) as well. In fact, a Layer 3 switch is incredibly similar to a router.

40
When a router receives a packet, it looks at the Layer 3 source and destination
addresses to determine the path the packet should take. A standard switch relies on
the MAC addresses to determine the source and destination of a packet, which is
Layer 2 (Data) networking.
The fundamental difference between a router and a Layer 3 switch is that Layer 3
switches have optimized hardware to pass data as fast as Layer 2 switches, yet they
make decisions on how to transmit traffic at Layer 3, just like a router. Within the
LAN environment, a Layer 3 switch is usually faster than a router because it is built
on switching hardware. In fact, many of Cisco's Layer 3 switches are actually routers
that operate faster because they are built on "switching" hardware with customized
chips inside the box.
The pattern matching and caching on Layer 3 switches is similar to the pattern
matching and caching on a router. Both use a routing protocol and routing table to
determine the best path. However, a Layer 3 switch has the ability
to reprogram the hardware dynamically with the current Layer 3 routing
information. This is what allows for faster packet processing.
On current Layer 3 switches, the information received from the routing protocols is
used to update the hardware caching tables.

In this case, even if one of the switches fails, the network will continue. This
provides redundancy, effectively eliminating the single point of failure.
But now we have a new problem

41
VLANs
As networks have grown in size and complexity, many companies have turned
to virtual local area networks (VLANs) to provide some way of structuring this
growth logically. Basically, a VLAN is a collection of nodes that are grouped together
in a single broadcast domain that is based on something other than physical
location.
You learned about broadcasts earlier, and how a router does not pass along
broadcasts. A broadcast domain is a network (or portion of a network) that will
receive a broadcast packet from any node located within that network. In a typical
network, everything on the same side of the router is all part of the same broadcast
domain. A switch that you have implemented VLANs on has multiple broadcast
domains, similar to a router. But you still need a router (or Layer 3 routing engine)
to route from one VLAN to another -- the switch can't do this by itself.
Here are some common reasons why a company might have VLANs:

Security - Separating systems that have sensitive data from the rest of the
network decreases the chances that people will gain access to information
they are not authorized to see.

Projects/Special applications - Managing a project or working with a

specialized application can be simplified by the use of a VLAN that brings all
of the required nodes together.

Performance/Bandwidth - Careful monitoring of network use allows the

network administrator to create VLANs that reduce the number of
router hops and increase the apparent bandwidth for network users.

Broadcasts/Traffic flow - Since a principle element of a VLAN is the fact

that it does not pass broadcast traffic to nodes that are not part of the VLAN,
it automatically reduces broadcasts. Access lists provide the network
administrator with a way to control who sees what network traffic. An access
list is a table the network administrator creates that lists which addresses
have access to that network.

Departments/Specific job types - Companies may want VLANs set up for

departments that are heavy network users (such as multimedia or
engineering), or a VLAN across departments that is dedicated to specific
types of employees (such as managers or sales people).

You can create a VLAN using most switches simply by logging into the switch
via Telnet and entering the parameters for the VLAN (name, domain and port
assignments). After you have created the VLAN, any network segments connected
to the assigned ports will become part of that VLAN.

42
While you can have more than one VLAN on a switch, they cannot communicate
directly with one another on that switch. If they could, it would defeat the purpose
of having a VLAN, which is to isolate a part of the network. Communication between
VLANs requires the use of a router.
VLANs can span multiple switches, and you can have more than one VLAN on each
switch. For multiple VLANs on multiple switches to be able to communicate via a
single link between the switches, you must use a process called trucking -trucking is the technology that allows information from multiple VLANs to be carried
over a single link between switches.
On the next page, you'll learn about trucking.

VLAN Trucking Protocol

The VLAN trucking protocol(VTP) is the protocol that switches use to
communicate among themselves about VLAN configuration.
In the image above, each switch has two VLANs. On the first switch, VLAN A and
VLAN B are sent through a single port (trunked) to the router and through another
port to the second switch. VLAN C and VLAN D are trunked from the second switch
to the first switch, and through the first switch to the router. This trunk can carry
traffic from all four VLANs. The trunk link from the first switch to the router can also
carry all four VLANs. In fact, this one connection to the router allows the router to
appear on all four VLANs, as if it had four different physical ports connected to the
switch.
The VLANs can communicate with each other via the trucking connection between
the two switches using the router. For example, data from a computer on VLAN A
that needs to get to a computer on VLAN B (or VLAN C or VLAN D) must travel from
the switch to the router and back again to the switch. Because of the transparent
bridging algorithm and trucking, both PCs and the router think that they are on the
same physical segment!

43
As you can see, LAN switches are an amazing technology that can really make a
difference in the speed and quality of a network.
For more information on LAN switches, networks and related topics, check out the
links on the next page.
How OSI Works

Virtually all networks in use today are based in some fashion on the Open Systems
Interconnection (OSI) standard. OSI was developed in 1984 by theInternational
Organization for Standardization (ISO), a global federation of national standards
organizations representing approximately 130 countries.
The core of this standard is the OSI Reference Model, a set of seven layers that
define the different stages that data must go through to travel from one device to
another over a network. In this article, you'll find out all about the OSI standard.

44

The seven layers of the OSI Reference Model

The Layers
Think of the seven layers as the assembly line in the computer. At each layer,
certain things happen to the data that prepare it for the next layer. The seven
layers, which separate into two sets, are:
Application Set

Layer 7: Application - This is the layer that actually interacts with

the operating system or application whenever the user chooses to transfer
files, read messages or perform other network-related activities.

Layer 6: Presentation - Layer 6 takes the data provided by the Application

layer and converts it into a standard format that the other layers can
understand.

Layer 5: Session - Layer 5 establishes, maintains and ends communication

with the receiving device.

Transport Set

Layer 4: Transport - This layer maintains flow control of data and provides
for error checking and recovery of data between the devices. Flow control

45
means that the Transport layer looks to see if data is coming from more than
one application and integrates each application's data into a single stream for
the physical network.

Layer 3: Network - The way that the data will be sent to the recipient
device is determined in this layer.
Logical protocols, routing and addressing are handled here.

Layer 2: Data - In this layer, the appropriate physical protocol is assigned to

the data. Also, the type of network and the packet sequencing is defined.

Layer 1: Physical - This is the level of the actual hardware. It defines the
physical characteristics of the network such as connections, voltage levels
and timing.

The OSI Reference Model is really just a guideline. Actual protocol stacks often
combine one or more of the OSI layers into a single layer.
Protocol Stacks
A protocol stack is a group of protocols that all work together to allow software or
hardware to perform a function. The TCP/IP protocol stack is a good example. It
uses four layers that map to the OSI model as follows:

Layer 1: Network Interface - This layer combines the Physical and Data
layers and routes the data between devices on the same network. It also
manages the exchange of data between the network and other devices.

Layer 2: Internet - This layer corresponds to the Network layer.

The Internet Protocol (IP) uses the IP address, consisting of a Network
Identifier and a Host Identifier, to determine the address of the device it is
communicating with.

Layer 3: Transport - Corresponding to the OSI Transport layer, this is the

part of the protocol stack where the Transport Control Protocol (TCP) can
be found. TCP works by asking another device on the network if it is willing to
accept information from the local device.

Layer 4: Application - Layer 4 combines the Session, Presentation and

Application layers of the OSI model. Protocols for specific functions such as email (Simple Mail Transfer Protocol, SMTP) and file transfer (File
Transfer Protocol, FTP) reside at this level.

As you can see, it is not necessary to develop a separate layer for each and every
function outlined in the OSI Reference Model. But developers are able to ensure that
a certain level of compatibility is maintained by following the general guidelines
provided by the model.

46
What is a packet?
It turns out that everything you do on the Internet involves packets. For example,
every Web page that you receive comes as a series of packets, and every e-mail
you send leaves as a series of packets. Networks that ship data around in small
packets are called packet switched networks.
On the Internet, the network breaks an e-mail message into parts of a certain size
in bytes. These are the packets. Each packet carries the information that will help it
get to its destination -- the sender's IP address, the intended receiver's IP address,
something that tells the network how many packets this e-mail message has been
broken into and the number of this particular packet. The packets carry the data in
the protocols that the Internet uses: Transmission Control Protocol/Internet Protocol
(TCP/IP). Each packet contains part of the body of your message. A typical packet
contains perhaps 1,000 or 1,500 bytes.
Each packet is then sent off to its destination by the best available route -- a route
that might be taken by all the other packets in the message or by none of the other
packets in the message. This makes the network more efficient. First, the network
can balance the load across various pieces of equipment on a millisecond-bymillisecond basis. Second, if there is a problem with one piece of equipment in the
network while a message is being transferred, packets can be routed around the
problem, ensuring the delivery of the entire message.
Depending on the type of network, packets may be referred to by another name:

frame

block

cell

segment

Next, learn about the parts of packets and an example of how packets are applied.

47

I've heard that data travels in packets on a computer network. What is a

packet, and why do networks use them?
Network Packet Structure
Most network packets are split into three parts:
Header - The header contains instructions about the data carried by the packet.
These instructions may include:

Length of packet (some networks have fixed-length packets, while others rely
on the header to contain this information)

Synchronization (a few bits that help the packet match up to the network)

Packet number (which packet this is in a sequence of packets)

Protocol (on networks that carry multiple types of information, the protocol
defines what type of packet is being transmitted: e-mail, Web page,
streaming video)

Destination address (where the packet is going)

Originating address (where the packet came from)

Payload - Also called the body or data of a packet. This is the actual data that the
packet is delivering to the destination. If a packet is fixed-length, then the payload
may be padded with blank information to make it the right size.
Trailer - The trailer, sometimes called the footer, typically contains a couple of bits
that tell the receiving device that it has reached the end of the packet. It may also
have some type of error checking. The most common error checking used in packets
is Cyclic Redundancy Check (CRC). CRC is pretty neat. Here is how it works in
certain computer networks: It takes the sum of all the 1s in the payload and adds

48
them together. The result is stored as a hexadecimal value in the trailer. The
receiving device adds up the 1s in the payload and compares the result to the value
stored in the trailer. If the values match, the packet is good. But if the values do not
match, the receiving device sends a request to the originating device to resend the
packet.
As an example, let's look at how an e-mail message might get broken into packets.
Let's say that you send an e-mail to a friend. The e-mail is about 3,500 bits (3.5
kilobits) in size. The network you send it over uses fixed-length packets of 1,024 bits
(1 kilobit). The header of each packet is 96 bits long and the trailer is 32 bits long,
leaving 896 bits for the payload. To break the 3,500 bits of message into packets,
you will need four packets (divide 3,500 by 896). Three packets will contain 896 bits
of payload and the fourth will have 812 bits. Here is what one of the four packets
would contain:
Each packet's header will contain the proper protocols, the originating address (the
IP address of your computer), the destination address (the IP address of the
computer where you are sending the e-mail) and the packet number (1, 2, 3 or 4
since there are 4 packets). Routers in the network will look at the destination
address in the header and compare it to their lookup table to find out where to send
the packet. Once the packet arrives at its destination, your friend's computer will
strip the header and trailer off each packet and reassemble the e-mail based on the
numbered sequence of the packets.
What is an IP address?

In Microsoft Windows, you can enter ipconfig in the command prompt app
to view your computer's current IP address configuration.
Every machine on a network has a unique identifier. Just as you would address a
letter to send in the mail, computers use the unique identifier to send data to
specific computers on a network. Most networks today, including all computers on

49
the Internet, use the TCP/IP protocol as the standard for how to communicate on the
network. In the TCP/IP protocol, the unique identifier for a computer is called its IP
address.
There are two standards for IP addresses: IP Version 4 (IPv4) and IP Version 6 (IPv6).
All computers with IP addresses have an IPv4 address, and many are starting to use
the new IPv6 address system as well. Here's what these two address types mean:

IPv4 uses 32 binary bits to create a single unique address on the network. An
IPv4 address is expressed by four numbers separated by dots. Each number
is the decimal (base-10) representation for an eight-digit binary (base-2)
number, also called an octet. For example: 216.27.61.137

IPv6 uses 128 binary bits to create a single unique address on the network.
An IPv6 address is expressed by eight groups of hexadecimal (base-16)
numbers separated by colons, as in
2001:cdba:0000:0000:0000:0000:3257:9652. Groups of numbers that contain
all zeros are often omitted to save space, leaving a colon separator to mark
the gap (as in 2001:cdba::3257:9652).

At the dawn of IPv4 addressing, the Internet was not the large commercial sensation
it is today, and most networks were private and closed off from other networks
around the world. When the Internet exploded, having only 32 bits to identify a
unique Internet address caused people to panic that we'd run out of IP addresses.
Under IPv4, there are 232 possible combinations, which offers just under 4.3 billion
unique addresses. IPv6 raised that to a panic-relieving 2128 possible addresses.
Later, we'll take a closer look at how to understand your computer's IPv4 or IPv6
addresses.
How does your computer get its IP address? An IP address can be either dynamic or
static. A static address is one that you configure yourself by editing your computer's
network settings. This type of address is rare, and it can create network issues if
you use it without a good understanding of TCP/IP. Dynamic addresses are the most
common. They're assigned by the Dynamic Host Configuration Protocol (DHCP), a
service running on the network. DHCP typically runs on network hardware such
as routers or dedicated DHCP servers.
Dynamic IP addresses are issued using a leasing system, meaning that the IP
address is only active for a limited time. If the lease expires, the computer will
automatically request a new lease. Sometimes, this means the computer will get a
new IP address, too, especially if the computer was unplugged from the network
between leases. This process is usually transparent to the user unless the computer
warns about an IP address conflict on the network (two computers with the same IP
address). An address conflict is rare, and today's technology typically fixes the
problem automatically.

50
IP Classes
Earlier, you read that IPv4 addresses represent four eight-digit binary numbers. That
means that each number could be 00000000 to 11111111 in binary, or 0 to 255 in
decimal (base-10). In other words, 0.0.0.0 to 255.255.255.255. However, some
numbers in that range are reserved for specific purposes on TCP/IP networks. These
reservations are recognized by the authority on TCP/IP addressing, the Internet
Assigned Numbers Authority (IANA). Four specific reservations include the following:

0.0.0.0 -- This represents the default network, which is the abstract concept
of just being connected to a TCP/IP network.

255.255.255.255 -- This address is reserved for network broadcasts, or

messages that should go to all computers on the network.

127.0.0.1 -- This is called the loopback address, meaning your computer's

way of identifying itself, whether or not it has an assigned IP address.

169.254.0.1 to 169.254.255.254 -- This is the Automatic Private IP

Addressing (APIPA) range of addresses assigned automatically when a
computer's unsuccessful getting an address from a DHCP server.

The other IP address reservations are for subnet classes. A subnet is a smaller
network of computers connected to a larger network through a router. The subnet
can have its own address system so computers on the same subnet can
communicate quickly without sending data across the larger network. A router on a
TCP/IP network, including the Internet, is configured to recognize one or more
subnets and route network traffic appropriately. The following are the IP addresses
reserved for subnets:

10.0.0.0 to 10.255.255.255 -- This falls within the Class A address range of

1.0.0.0 to 127.0.0.0, in which the first bit is 0.

172.16.0.0 to 172.31.255.255 -- This falls within the Class B address range of

128.0.0.0 to 191.255.0.0, in which the first two bits are 10.

192.168.0.0 to 192.168.255.255 -- This falls within the Class C range of

192.0.0.0 through 223.255.255.0, in which the first three bits are 110.

Multicast (formerly called Class D) -- The first four bits in the address are
1110, with addresses ranging from 224.0.0.0 to 239.255.255.255.

Reserved for future/experimental use (formerly called Class E) -- addresses

240.0.0.0 to 254.255.255.254.

The first three (within Classes A, B and C) are those most used in creating subnets.
Later, we'll see how a subnet uses these addresses. The IANA has outlined specific

51
uses for multicast addresses within Internet Engineering Task Force (IETF)
document RFC 5771. However, it hasn't designated a purpose or future plan for
Class E addresses since it reserved the block in its 1989 document RFC 1112. Before
IPv6, the Internet was filled with debate about whether the IANA should release
Class E for general use.
Next, let's see how subnets work and find out who has those non-reserved IP
addresses out on the Internet.
Internet Addresses and Subnets
The following is an example of a subnet IP address you might have on your
computer at home if you're using a router (wireless or wired) between your ISP
connection and your computer:

IP address: 192.168.1.102

Subnet mask: 255.255.255.0

Twenty-four bits (three octets) reserved for network identity

Eight bits (one octet) reserved for nodes

Subnet identity based on subnet mask (first address): 192.168.1.0

The reserved broadcast address for the subnet (last address): 192.168.1.255

Example addresses on the same network: 192.168.1.1, 192.168.1.103

Example addresses not on the same network: 192.168.2.1, 192.168.2.103

Besides reserving IP addresses, the IANA is also responsible for assigning blocks of
IP addresses to certain entities, usually commercial or government organizations.
Your Internet service provider (ISP) may be one of these entities, or it may be part of
a larger block under the control of one of those entities. In order for you to connect
to the Internet, your ISP will assign you one of these addresses. You can see a full
list of IANA assignments and reservations for IPv4 addresses here.
If you only connect one computer to the Internet, that computer can use the
address from your ISP. Many homes today, though, use routers to share a single
Internet connection between multiple computers. Wireless routers have become
especially popular in recent years, avoiding the need to run network cables between
rooms.
If you use a router to share an Internet connection, the router gets the IP address
issued directly from the ISP. Then, it creates and manages a subnet for all the
computers connected to that router. If your computer's address falls into one of the

52
reserved subnet ranges listed earlier, you're going through a router rather than
connecting directly to the Internet.
IP addresses on a subnet have two parts: network and node. The network part
identifies the subnet itself. The node, also called the host, is an individual piece of
computer equipment connected to the network and requiring a unique address.
Each computer knows how to separate the two parts of the IP address by using a
subnet mask. A subnet mask looks somewhat like an IP address, but it's actually just
a filter used to determine which part of an IP address designates the network and
node.
A subnet mask consists of a series of 1 bits followed by a series of 0 bits. The 1 bits
indicate those that should mask the network bits in the IP address, revealing only
those that identify a unique node on that network. In the IPv4 standard, the most
commonly used subnet masks have complete octets of 1s and 0s as follows:

255.0.0.0.0 = 11111111.00000000.00000000.00000000 = eight bits for

networks, 24 bits for nodes

255.255.0.0 = 11111111.11111111.00000000.00000000 = 16 bits for

networks, 16 bits for nodes

255.255.255.0 = 11111111. 11111111.11111111.00000000 = 24 bits for

networks, eight bits for nodes

People who set up large networks determine what subnet mask works best based on
the number of desired subnets or nodes. For more subnets, use more bits for the
network; for more nodes per subnet, use more bits for the nodes. This may mean
using non-standard mask values. For instance, if you want to use 10 bits for
networks and 22 for nodes, your subnet mask value would require using 11000000
in the second octet, resulting in a subnet mask value of 255.192.0.0.
Another important thing to note about IP addresses in a subnet is that the first and
last addresses are reserved. The first address identifies the subnet itself, and the
last address identifies the broadcast address for systems on that subnet.
See the sidebar on the previous page for a look at how all this information comes
together to form your IP address. For even more information about IP addresses, the
Internet and related networking topics, head on to the next page.
How Domain Name Servers Work

53

When you enter a URL into your Web browser, your DNS server uses its
resources to resolve the name into the IP address for the appropriate Web
server..
If you've ever used the Internet, it's a good bet that you've used the Domain Name
System, or DNS, even without realizing it. DNS is a protocol within the set of
standards for how computers exchange data on the Internet and on many private
networks, known as the TCP/IP protocol suite. Its basic job is to turn a userfriendly domain name like "howstuffworks.com" into an Internet Protocol (IP)
address like 70.42.251.42 that computers use to identify each other on the network.
It's like your computer's GPS for the Internet.
Computers and other network devices on the Internet use an IP address to route
your request to the site you're trying to reach. This is similar to dialing a phone
number to connect to the person you're trying to call. Thanks to DNS, though, you
don't have to keep your own address book of IP addresses. Instead, you just connect
through a domain name server, also called a DNS server or name server, which
manages a massive database that maps domain names to IP addresses.
Whether you're accessing a Web site or sending e-mail, your computer uses a DNS
server to look up the domain name you're trying to access. The proper term for this
process is DNS name resolution, and you would say that the DNS server resolves
the domain name to the IP address. For example, when you enter
"http://www.howstuffworks.com" in your browser, part of the network connection
includes resolving the domain name "howstuffworks.com" into an IP address, like
70.42.251.42, for ' Web servers.

54
You can always bypass a DNS lookup by entering 70.42.251.42 directly in your
browser (give it a try). However, you're probably more likely to remember
"howstuffworks.com" when you want to return later. In addition, a Web site's IP
address can change over time, and some sites associate multiple IP addresses with
a single domain name.
Without DNS servers, the Internet would shut down very quickly. But how does your
computer know what DNS server to use? Typically, when you connect to your home
network, Internet service provider (ISP) or WiFi network, the modem or router that
assigns your computer's network address also sends some important network
configuration information to your computer or mobile device. That configuration
includes one or more DNS servers that the device should use when translating DNS
names to IP address.
So far, you've read about some important DNS basics. The rest of this article dives
deeper into domain name servers and name resolution. It even includes an
introduction to managing your own DNS server. Let's start by looking at how IP
addresses are structured and how that's important to the name resolution process.
DNS Servers and IP Addresses
You just learned that the primary job of a domain name server, or DNS server, is to
resolve (translate) a domain name into an IP address. That sounds like a simple
task, and it would be, except for the following points:

There are billions of IP addresses currently in use, and most machines have a
human-readable name as well.

DNS servers (cumulatively) are processing billions of requests across the

Internet at any given time.

Millions of people are adding and changing domain names and IP addresses
each day.

With so much to handle, DNS servers rely on network efficiency and Internet
protocols. Part of the IP's effectiveness is that each machine on a network has a
unique IP address in both the IPV4 and IPV6 standards managed by the Internet
Assigned Numbers Authority (IANA). Here are some ways to recognize an IP address:

An IP address in the IPV4 standard has four numbers separated by three

decimals, as in: 70.74.251.42

An IP address in the IPV6 standard has eight hexadecimal numbers (base-16)

separated by colons, as in 2001:0cb8:85a3:0000:0000:8a2e:0370:7334.
Because IPV6 is still a very new standard, we'll concentrate on the more
common IPV4 for this article.

55

Each number in an IPV4 number is called an "octet" because it's a base-10

equivalent of an 8-digit base-2 (binary) number used in routing network
traffic. For example, the octet written as 42 stands for 00101010. Each digit
in the binary number is the placeholder for a certain power of two from 2 0 to
27, reading from right to left. That means that in 00101010, you have one
each of 21, 23 and 25. So, to get the base-10 equivalent, just add 2 1 + 23 +
25 = 2 + 8 + 32 = 42. For more about how IP addresses are constructed, see
our article "What is an IP address?"

There are only 256 possibilities for the value of each octect: the numbers 0
through 255.

Certain addresses and ranges are designated by the IANA as reserved IP

addresses, which means they have a specific job in IP. For example, the IP
address 127.0.0.1 is reserved to identify the computer you're currently using.
So, talking to 127.0.0.1 is just talking to yourself!

Where does your computer's IP address come from? If we're talking about your
desktop or laptop computer, it probably comes from a Dynamic Host Configuration
Protocol (DHCP) server on your network. The job of a DHCP server is to make sure
your computer has the IP address and other network configuration it needs
whenever you're online. Because this is "dynamic," the IP address for your computer
will probably change from time to time, such as when you shut down your computer
for a few days. As the user, you'll probably never notice all this taking place. See the
sidebar on this page for hints on where to find the IP address assigned to your
computer or mobile device.
Web servers and other computers that need a consistent point of contact use static
IP addresses. This means that the same IP address is always assigned to that
system's network interface when it's online. To make sure that interface always gets
the same IP address, IP associates the address with the Media Access Control (MAC)
address for that network interface. Every network interface, both wired and
wireless, has a unique MAC address embedded in it by the manufacturer.
For more information on IP addresses, see the IANA, operated by the Internet
Corporation for Assigned Names and Numbers (ICANN). Now, though, let's look at
the other side of the DNS equation: domain names.
Domain Names
If we had to remember the IP addresses of all our favorite Web sites, we'd probably
go nuts! Human beings are just not that good at remembering strings of numbers.
We are good at remembering words, however, and that is where domain names
come in. You probably have hundreds of domain names stored in your head, such
as:

56

howstuffworks.com -- our favorite domain name

google.com -- one of the most used domain names in the world

mit.edu -- a popular EDU name

bbc.co.uk -- a three-part domain name using the country code UK

You'll recognize domain names as having strings of characters separated by dots

(periods). The last word in a domain name represents a top-level domain.
These top-level domains are controlled by the IANA in what's called the Root Zone
Database, which we'll examine more closely later. The following are some common
top-level domains:

COM -- commercial Web sites, though open to everyone

NET -- network Web sites, though open to everyone

ORG -- non-profit organization Web sites, though open to everyone

EDU -- restricted to schools and educational organizations

MIL -- restricted to the U.S. military

GOV -- restricted to the U.S. government

US, UK, RU and other two-letter country codes -- each is assigned to a domain
name authority in the respective country

In a domain name, each word and dot combination you add before a top-level
domain indicates a level in the domain structure. Each level refers to a server or a
group of servers that manage that domain level. For example, "howstuffworks" in
our domain name is a second-level domain off the COM top-level domain. An
organization may have a hierarchy of sub-domains further organizing its Internet
presence, like "bbc.co.uk" which is the BBC's domain under CO, an additional level
created by the domain name authority responsible for the UK country code.
The left-most word in the domain name, such as www or mail, is a host name. It
specifies the name of a specific machine (with a specific IP address) in a domain,
typically dedicated to a specific purpose. A given domain can potentially contain
millions of host names as long as they're all unique to that domain.
Because all of the names in a given domain need to be unique, there has to be
some way to control the list and makes sure no duplicates arise. That's where
registrars come in. A registrar is an authority that can assign domain names directly
under one or more top-level domains and register them with Inter NIC, a service of
ICANN, which enforces uniqueness of domain names across the Internet. Each
domain registration becomes part of a central domain registration database known

57
as the who is database. Network Solutions, Inc. (NSI) was one of the first registrars,
and today companies like GoDaddy.com offer domain registration in addition to
many other Web site and domain management services.
Later, when we look at how to create a domain name, we'll see that part of
registering a domain requires identifying one or more name servers (DNS servers)
that have the authority to resolve the host names and sub-domains in that domain.
Typically, you would do this through a hosting service, which has its own DNS
servers. Next, we'll look at how these DNS servers manage your domain, and how
DNS servers across the Internet work together to ensure traffic is routed properly
between IP addresses.

Domain name servers connect to each other across the Internet and cache
lookup information to make name resolution more efficient.
The Distributed System
Every domain has a domain name server handling its requests, and there is a
person or IT team maintaining the records in that DNS server's database. No other
database on the planet gets as many requests as DNS servers, and they handle all
those queries while also processing data updates from millions of people every day.
That's one of the most amazing parts of DNS -- it is completely distributed
throughout the world on millions of machines, managed by millions of people, and
yet it behaves like a single, integrated database!

Because managing DNS seems like such a big job, most people tend to leave it to
the IT professionals. However, by learning a little bit about how DNS works and how
DNS servers are distributed across the Internet, you can manage DNS with
confidence. The first thing to know is what the purpose of a DNS server is on the
network where it resides. A DNS server will have one of the following as its primary
task:

58

Maintain a small database of domain names and IP addresses most often

used on its own network, and delegate name resolution for all other names to
other DNS servers on the Internet.

Pair IP addresses with all hosts and sub-domains for which that DNS server
has authority.

DNS servers that perform the first task are normally managed by your Internet
service provider (ISP). As mentioned earlier, the ISP's DNS server is part of the
network configuration you get from DHCP as soon as you go online. These servers
reside in your ISP's data centers, and they handle requests as follows:

If it has the domain name and IP address in its database, it resolves the name
itself.

If it doesn't have the domain name and IP address in its database, it contacts
another DNS server on the Internet. It may have to do this multiple times.

If it has to contact another DNS server, it caches the lookup results for a
limited time so it can quickly resolve subsequent requests to the same
domain name.

If it has no luck finding the domain name after a reasonable search, it returns
an error indicating that the name is invalid or doesn't exist.

The second category of DNS servers mentioned above is typically associated with
Web, mail and other Internet domain hosting services. Though some hardcore IT
gurus set up and manage their own DNS servers, hosting services have made DNS
management much easier for the less technical audience. A DNS server that
manages a specific domain is called the start of authority (SOA) for that domain.
Over time, the results from looking up hosts at the SOA will propagate to other DNS
servers, which in turn propagate to other DNS servers, and so on across the
Internet.
This propagation is a result of each DNS server caching the lookup result for a
limited time, known as its Time To Live (TTL), ranging from a few minutes to a few
days. People managing a DNS server can configure its TTL, so TTL values will vary
across the Internet. So, each time you look up "www.howstuffworks.com," it's
possible that the DNS server for your ISP will find the lookup results "70.42.251.42"
in its own cache if you or someone else using that server looked for it before within
the server's TTL.
This great web of DNS servers includes the root name servers, which start at the
top of the domain hierarchy for a given top-level domain. There are hundreds of root
name servers to choose from for each top-level domain. Though DNS lookups don't

59
have to start at a root name server, they can contact a root name server as a last
resort to help track down the SOA for a domain.
Now that you know how DNS servers are interconnected to improve the name
resolution process, let's look at how you can configure a DNS server to be the
authority for your domain.
Creating a New Domain Name
When you want to create a new domain name, you need to do the following:

Use the Whois database to find a unique domain name that isn't yet
registered. There are several sites that offer free Whois database searches,
such as Network Solutions. If the search comes up empty, you know the
domain name is available.

Register the domain name with a registrar. There are a lot of registrars to
choose from, and some offer special prices for registering the COM, NET, and
ORG versions of a domain at the same time, for registering for two or more
years, or for hosting the domain with the same company.

If you're hosting the domain at a different company than your registrar,

configure the registrar to point your domain name to the correct host name
or IP address for your hosting company (see information below about A
records).

Using the DNS servers from your registrar or hosting company means that you have
a parked domain. This means that someone else owns the computer hardware for
the DNS servers, and your domain is just part of that company's larger DNS
configuration. Alternatively, if you're passionate about hosting your own DNS, you
can set up your own server, either as a physical or virtual machine. Whichever DNS
setup you decide on, that DNS server (or group of servers) becomes the SOA for
your domain, as described earlier.
Whether your SOA is somewhere else or on your own system, you can extend and
modify your DNS settings to add sub-domains, redirect e-mail and control other
services. This information is kept in a zone file on the DNS server
[source: GoDaddy.com]. If you're running your own server, you'll probably need to
manually edit the zone file in a text editor. Many registrars today have a Web
interface you can use to manage DNS for your domain. Each new configuration you
add is called a record, and the following are the most common types of records you
can configure for your DNS server:

Host (A) -- This is the basic mapping of IP address to host name, the essential
component for any domain name.

60

Canonical Name (CNAME) -- This is an alias for your domain. Anyone

accessing that alias will be automatically directed to the server indicated in
the A record.

Mail Exchanger (MX) -- This maps e-mail traffic to a specific server. It could
indicate another host name or an IP address. For example, people who use
Google for the e-mail for their domain will create an MX record that points to
ghs.google.com.

Name Server (NS) -- This contains the name server information for the zone.
If you configure this, your server will let other DNS servers know that yours is
the ultimate authority (SOA) for your domain when caching lookup
information on your domain from other DNS servers around the world.

Start of Authority (SOA) -- This is one larger record at the beginning of every
zone file with the primary name server for the zone and some other
information. If your registrar or hosting company is running your DNS server,
you won't need to manage this. If you're managing your own DNS, Microsoft's
support information has a helpful article on the structure of a DNS SOA
Record.

The following is an example of what a zone file might look like for those who are
editing it directly in a text editor. Note that the center column (second item on each
line) includes a record type from those listed above. When you see an "@" in the left
column, it means that the record applies in all cases not otherwise specified:
@ NS auth-ns1.howstuffworks.com
@ NS auth-ns2.howstuffworks.com
@ MX 10 mail
mail A 209.170.137.42
vip1 A 216.183.103.150
Www CNAME vip1
Typical users will probably get the most use out of MX and CNAME records. The MX
records allow you to point your mail services somewhere other than your hosting
company if you choose to use something like Google Apps for your domain. The
CNAME records let you point host names for your domain to various other locations.
This could include setting google.example.com to redirect to google.com, or setting
up a dedicated game server with its own IP address and pointing it to something like
gameserver.example parent company, Discovery, does this: dsc.discovery.com is
the main Web site, science.discovery.com is The Science Channel Web site, and so
on.

61
Throughout this article, you've read about the role of domain name servers, how
DNS maps domain names to IP addresses and how to choose your domain name
and configure it to work within the distributed system of DNS servers around the
world. Now that you're in the zone with zone files and registered for success with
domain name servers, look up lots more information about DNS on the next page.
How DSL Works

A DSL modem uses telephone lines for high-speed Internet connections.

When you connect to the Internet, you might connect through a regular modem,
through a local-area network connection in your office, through a cable modem or
through a digital subscriber line(DSL) connection. DSL is a very high-speed
connection that uses the same wires as a regular telephone.
Here are some advantages of DSL:

You can leave your Internet connection open and still use the phone line for
voice calls.

The speed is much higher than a regular modem

DSL doesn't necessarily require new wiring; it can use the phone line you
already have.

The company that offers DSL will usually provide the modem as part of the
installation.

But there are disadvantages:

62

A DSL connection works better when you are closer to the provider's central
office. The farther away you get from the central office, the weaker the signal
becomes.

The connection is faster for receiving data than it is for sending data over the
Internet.

The service is not available everywhere.

In this article, we explain how a DSL connection manages to squeeze more

information through a standard phone line -- and lets you make regular telephone
calls even when you're online.
Telephone Lines
If you have read How Telephones Work, then you know that a standard telephone
installation in the United States consists of a pair of copper wires that the phone
company installs in your home. The copper wires have lots of room for carrying
more than your phone conversations -- they are capable of handling a much
greater bandwidth, or range of frequencies, than that demanded for voice. DSL
exploits this "extra capacity" to carry information on the wire without disturbing the
line's ability to carry conversations. The entire plan is based on matching particular
frequencies to specific tasks.
To understand DSL, you first need to know a couple of things about a normal
telephone line -- the kind that telephone professionals call POTS, for Plain Old
Telephone Service. One of the ways that POTS makes the most of the telephone
company's wires and equipment is by limiting the frequencies that the switches,
telephones and other equipment will carry. Human voices, speaking in normal
conversational tones, can be carried in a frequency range of 0 to 3,400 Hertz
(cycles per second -- see How Telephones Work for a great demonstration of this).
This range of frequencies is tiny. For example, compare this to the range of most
stereo speakers, which cover from roughly 20 Hertz to 20,000 Hertz. And the wires
themselves have the potential to handle frequencies up to several million Hertz in
most cases.
The use of such a small portion of the wire's total bandwidth is historical -remember that the telephone system has been in place, using a pair of copper wires
to each home, for about a century. By limiting the frequencies carried over the lines,
the telephone system can pack lots of wires into a very small space without
worrying about interference between lines. Modern equipment that sends digital
rather than analog data can safely use much more of the telephone line's capacity.
DSL does just that.
Asymmetric DSL

63
Most homes and small business users are connected to anasymmetric DSL (ADSL)
line. ADSL divides up the available frequencies in a line on the assumption that
most Internet users look at, or download, much more information than they send, or
upload. Under this assumption, if the connection speed from the Internet to the user
is three to four times faster than the connection from the user back to the Internet,
then the user will see the most benefit most of the time.
Precisely how much benefit you see from ADSL will greatly depend on how far you
are from the central office of the company providing the ADSL service. ADSL is
a distance-sensitive technology: As the connection's length increases, the signal
quality decreases and the connection speed goes down. The limit for ADSL service
is 18,000 feet (5,460 meters), though for speed and quality of service reasons
many ADSL providers place a lower limit on the distances for the service. At the
extremes of the distance limits, ADSL customers may see speeds far below the
promised maximums, while customers nearer the central office have faster
connections and may see extremely high speeds in the future. ADSL technology can
provide maximum downstream (Internet to customer) speeds of up to 8 megabits
per second (Mbps) at a distance of about 6,000 feet (1,820 meters), and upstream
speeds of up to 640 kilobits per second (Kbps). In practice, the best speeds widely
offered today are 1.5 Mbps downstream, with upstream speeds varying between 64
and 640 Kbps. Some vast improvements to ADSL are available in some areas
through services called ASDL2 and ASDL2+. ASDL2 increases downstream to 12
Mbps and upstream to 1 Mbps, and ASDL2+ is even better -- it improves
downstream to as much as 24 Mbps and upstream to 3 Mbps.
You might wonder -- if distance is a limitation for DSL, why is it not also a limitation
for voice telephonecalls? The answer lies in small amplifiers called loading
coils that the telephone company uses to boost voice signals. Unfortunately, these
loading coils are incompatible with ADSL signals, so a voice coil in the loop between
your telephone and the telephone company's central office will disqualify you from
receiving ADSL. Other factors that might disqualify you from receiving ADSL include:

Bridge taps - These are extensions, between you and the central office, that
extend service to other customers. While you wouldn't notice these bridge
taps in normal phone service, they may take the total length of the circuit
beyond the distance limits of the service provider.

Fiber-optic cables - ADSL signals can't pass through the conversion from
analog to digital and back to analog that occurs if a portion of your telephone
circuit comes through fiber-optic cables.

Distance - Even if you know where your central office is (don't be surprised if
you don't -- the telephone companies don't advertise their locations), looking
at a map is no indication of the distance a signal must travel between your
house and the office.

64

Splitting the Signal

The CAP System

There are two competing and incompatible standards for ADSL. The official ANSI standard for
ADSL is a system called discrete multitone, or DMT. According to equipment manufacturers,
most of the ADSL equipment installed today uses DMT. An earlier and more easily implemented
standard was the carrierless amplitude/phase (CAP) system, which was used on many of the
early installations of ADSL.

CAP operates by dividing the signals on the telephone line into three distinct bands: Voice
conversations are carried in the 0 to 4 KHz (kilohertz) band, as they are in all POTS circuits. The
upstream channel (from the user back to the server) is carried in a band between 25 and 160
KHz. The downstream channel (from the server to the user) begins at 240 KHz and goes up to a
point that varies depending on a number of conditions (line length, line noise, number of users in
a particular telephone company switch) but has a maximum of about 1.5 MHz (megahertz). This
system, with the three channels widely separated, minimizes the possibility of interference
between the channels on one line, or between the signals on different lines.

The DMT System

DMT also divides signals into separate channels, but doesn't use two fairly broad channels for
upstream and downstream data. Instead, DMT divides the data into 247 separate channels, each
4 KHz wide.

65

One way to think about it is to imagine that the phone company divides your copper line into 247
different 4-KHz lines and then attaches a modem to each one. You get the equivalent of 247
modems connected to your computer at once. Each channel is monitored and, if the quality is too
impaired, the signal is shifted to another channel. This system constantly shifts signals between
different channels, searching for the best channels for transmission and reception. In addition,
some of the lower channels (those starting at about 8 KHz), are used as bidirectional channels,
for upstream and downstream information. Monitoring and sorting out the information on the
bidirectional channels, and keeping up with the quality of all 247 channels, makes DMT more
complex to implement than CAP, but gives it more flexibility on lines of differing quality.

Filters

CAP and DMT are similar in one way that you can see as a DSL user.

If you have ADSL installed, you were almost certainly given small filters to attach to the outlets
that don't provide the signal to your ADSL modem. These filters arelow-pass filters -- simple
filters that block all signals above a certain frequency. Since all voice conversations take place
below 4 KHz, the low-pass (LP) filters are built to block everything above 4 KHz, preventing the
data signals from interfering with standard telephone calls.

66

DSL Equipment

ADSL uses two pieces of equipment, one on the customer end and one at the Internet service
provider, telephone company or other provider of DSL services. At the customer's location there is
a DSL transceiver, which may also provide other services. The DSL service provider has a DSL
Access Multiplexer (DSLAM) to receive customer connections.

The Transceiver

Most residential customers call their DSL transceiver a "DSL modem." The engineers at the
telephone company or ISP call it an ATU-R. Regardless of what it's called, it's the point where
data from the user's computer or network is connected to the DSL line.

DSL modem

67

The transceiver can connect to a customer's equipment in several ways, though most residential
installation uses USBor 10 base-T Ethernet connections. While most of the ADSL transceivers
sold by ISPs and telephone companies are simply transceivers, the devices used by businesses
may combine network routers, network switches or other networking equipment in the same
platform
.

The DSLAM

The DSLAM at the access provider is the equipment that really allows DSL to happen. A DSLAM
takes connections from many customers and aggregates them onto a single, high-capacity
connection to the Internet. DSLAMs are generally flexible and able to support multiple types of
DSL in a single central office, and different varieties of protocol and modulation -- both CAP and
DMT, for example -- in the same type of DSL. In addition, the DSLAM may provide additional
functions including routing or dynamic IP address assignment for the customers.

The DSLAM provides one of the main differences between user service through ADSL and
through cable modems. Because cable-modem users generally share a network loop that runs
through a neighborhood, adding users means lowering performance in many instances. ADSL
provides a dedicated connection from each user back to the DSLAM, meaning that users won't
see a performance decrease as new users are added -- until the total number of users begins to
saturate the single, high-speed connection to the Internet. At that point, an upgrade by the service
provider can provide additional performance for all the users connected to the DSLAM.

For information on ADSL rates and availability in the United States, go to Broadband Reports.
This site can provide information on ADSL service companies in your area, the rates they charge,
and customer satisfaction, as well as estimating how far you are from the nearest central office.

ADSL isn't the only type of DSL, and it's not the only way to get high-speed Internet access. Next,
we'll look at ADSL alternatives.

68

Alternatives to ADSL
There are lots of variations in DSL technology -- many of them address DSL's distance limitations
in one way or another. Other types of DSL include:

Very high bit-rate DSL (VDSL) - This is a fast connection, but works only over a short distance.
It is capable of handling Internet access, HDTV and on-demand services at rates of 52 Mbps
downstream and 12 Mbps upstream.

Symmetric DSL (SDSL) - This connection, used mainly by small businesses, doesn't allow you
to use the phone at the same time, but the speed of receiving and sending data is the same.

Rate-adaptive DSL (RADSL) - This is a variation of ADSL, but the modem can adjust the speed
of the connection depending on the length and quality of the line.

ISDN DSL (IDSL) - This is a combination of the Integrated Services Digital Network (ISDN) and
DSL technology. ISDN was the solution to dial-up Internet -- it allowed voice, text graphics, video
and other data to share one telephone line. This made it possible to talk on the phone and use
the Internet at the same time. IDSL is faster than ISDN connections but slower than DSL. It can
travel a longer distance of 5 to 6 miles, so it is usually a good option for people who can't get DSL
in their area.

Universal DLS (Uni-DSL) - This emerging technology, developed by Texas Instruments, is

backwards compatible with all existing versions of DSL. It offers somewhat of a middle ground
between ASDL and VDSL -- at longer distances, it can reach the speeds of ASDL, but it can
provide greater speeds than VDSL at shorter distances. In some locations, Uni-DSL can provide
four times the amount of speed as VDSL.
Alternatives to DSL
With DSL's distance limitation and lower availability, what are some other options? There are two
major alternatives to DSL -- cable and wireless.
Cable and DSL are the two big rivals in the world of broadband. Cable isn't limited by distance
like DSL -- cable wires reach most neighborhoods, and signal strengths don't weaken over long
distances. While DSL allows you to use the telephone and Internet simultaneously, cable lets

69
users watch television and surf the Internet at the same time. Many cable companies are also
beginning to bundle services with cable TV, Internet and digital telephone on one bill. Although
cable and DSL speeds are about the same, the one disadvantage with cable is bandwidth -connection speeds can slow down if too many people are using a cable service at the same time.
A new technology, known as WiMax or 802.16, looks to combine the benefits of broadband and
wireless. WiMax will provide high-speed wireless Internet over very long distances and will most
likely provide access to large areas such as cities. WiMax technology will be available in most
American cities in 2008