I just went into some detail on networking concepts in response to a MrPLC post about Office/Plant Ethernet options. I figure as long as I typed it, might as well share with you guys. I'm open to additions and corrections. If it's well received I can add media types, some Windows concepts, and some PLC networking concepts to make a couple page "industrial networking introduction" whitepaper.
Node here is a device on the network - PC, PLC, router, etc. Usually I'm referring to Layer 3, so it has an IP address.
Collision - Bad juju. The "red light on a hub" 2 or more nodes sending a signal on the same wire. A Collision Domain is a network segment where this can happen.
A Broadcast Domain is a network segment where nodes can communicate directly (without going through a router, or equivalent). The good is that it's easy to talk. The bad is that it's easy to talk. Each node will inspect each broadcast/multicast packet (DHCP requests, streaming video, chatty traffic, etc).
What's an Ethernet hub? It's a dumb device that gets a signal on one port and retransmits on all ports - like everyone yelling in a room. One Broadcast Domain, one Collision Domain. Great for running packet sniffers (programs to inspect all traffic). Poor for performance.
What's a bridge? A bridge effectively combines nodes, or sets of nodes in separate Collision Domains, but they maintain one Broadcast Domain. So you don't get as many wire issues (network performance problems), but everyone's still listening to everyone.
So what's a switch? A switch is what you get if you bridge each port together. One Broadcast Domain, but a Collision Domain for each port (or set of ports??). In any event, you shouldn't get collisions, but everyone is still listening to everyone else.
Everything described so far falls under Layers 1 and (mostly) 2. So assume you want 2 "networks", office and plant. We might set up 2 disconnected switches. Traffic doesn't pass between them - they're in 2 separate broadcast domains.
Suppose we put the two on separate IP subnets (a layer 3 concept). We could bridge our 2 switches with a crossover cable. It will seem like devices on one switch can't talk (directly) to one another. That's because they're on separate IP networks (layer 3). But, nodes on both switches will listen to broadcasts from each other. Remember, our bridge maintains a broadcast domain.
The fix to that is putting a router between the 2 switches. A router is a device that has 2 network cards, one on each network (logically and physically) that can pass layer 3 traffic. Now chatty traffic won't pass between switches unless it's directed to an address and goes through our router. Note that your router doesn't know about ports/traffic type, that would be layer 4+ and we'd be talking about a firewall.
This is a good place to ask yourself - does this all make sense? If so...
A managed switch allows you mess with port level settings, VLANS, and things like that.
A VLAN, "virtual local area network", is a logical layer 2 network. Think of it exactly like our "separate switches" example. If we set up the top half of our managed switch ports on VLAN1 and the bottom half on VLAN2, it would appear to users as if they were plugged into separate switches. In fact, we could plug a physical router into both VLANS and it would route traffic as we described in our example. The cool thing is that you can segment VLANs by things other than physical ports (like hardware addresses) and that you can change settings without rewiring anything. This allows you to "spread" your network as you grow.
As you get more into networking you realize that a lot of the concepts are more flexible to deal with logically, rather than physically. Things also get crazy as you introduce: Inter-VLAN routing, DHCP proxies, and policies that selectively pass higher/lower layer traffic. There are also concepts like QoS (Quality of Service) that can substantially improve network performance with the same amount of throughput. There's also a lot of things that can be tuned (packet fragmenting works with frame size, latency issues, security stuff, "packet shaping", etc) that come into play if you have bigger networks especially with encryption devices, VPN tunnels, satellite links, etc.
Node here is a device on the network - PC, PLC, router, etc. Usually I'm referring to Layer 3, so it has an IP address.
Collision - Bad juju. The "red light on a hub" 2 or more nodes sending a signal on the same wire. A Collision Domain is a network segment where this can happen.
A Broadcast Domain is a network segment where nodes can communicate directly (without going through a router, or equivalent). The good is that it's easy to talk. The bad is that it's easy to talk. Each node will inspect each broadcast/multicast packet (DHCP requests, streaming video, chatty traffic, etc).
What's an Ethernet hub? It's a dumb device that gets a signal on one port and retransmits on all ports - like everyone yelling in a room. One Broadcast Domain, one Collision Domain. Great for running packet sniffers (programs to inspect all traffic). Poor for performance.
What's a bridge? A bridge effectively combines nodes, or sets of nodes in separate Collision Domains, but they maintain one Broadcast Domain. So you don't get as many wire issues (network performance problems), but everyone's still listening to everyone.
So what's a switch? A switch is what you get if you bridge each port together. One Broadcast Domain, but a Collision Domain for each port (or set of ports??). In any event, you shouldn't get collisions, but everyone is still listening to everyone else.
Everything described so far falls under Layers 1 and (mostly) 2. So assume you want 2 "networks", office and plant. We might set up 2 disconnected switches. Traffic doesn't pass between them - they're in 2 separate broadcast domains.
Suppose we put the two on separate IP subnets (a layer 3 concept). We could bridge our 2 switches with a crossover cable. It will seem like devices on one switch can't talk (directly) to one another. That's because they're on separate IP networks (layer 3). But, nodes on both switches will listen to broadcasts from each other. Remember, our bridge maintains a broadcast domain.
The fix to that is putting a router between the 2 switches. A router is a device that has 2 network cards, one on each network (logically and physically) that can pass layer 3 traffic. Now chatty traffic won't pass between switches unless it's directed to an address and goes through our router. Note that your router doesn't know about ports/traffic type, that would be layer 4+ and we'd be talking about a firewall.
This is a good place to ask yourself - does this all make sense? If so...
A managed switch allows you mess with port level settings, VLANS, and things like that.
A VLAN, "virtual local area network", is a logical layer 2 network. Think of it exactly like our "separate switches" example. If we set up the top half of our managed switch ports on VLAN1 and the bottom half on VLAN2, it would appear to users as if they were plugged into separate switches. In fact, we could plug a physical router into both VLANS and it would route traffic as we described in our example. The cool thing is that you can segment VLANs by things other than physical ports (like hardware addresses) and that you can change settings without rewiring anything. This allows you to "spread" your network as you grow.
As you get more into networking you realize that a lot of the concepts are more flexible to deal with logically, rather than physically. Things also get crazy as you introduce: Inter-VLAN routing, DHCP proxies, and policies that selectively pass higher/lower layer traffic. There are also concepts like QoS (Quality of Service) that can substantially improve network performance with the same amount of throughput. There's also a lot of things that can be tuned (packet fragmenting works with frame size, latency issues, security stuff, "packet shaping", etc) that come into play if you have bigger networks especially with encryption devices, VPN tunnels, satellite links, etc.
Last edited:
