Posted by Heinz-Gerd Schlagregen on January 28, 2007, 1:43 pm
Hi,

basically a switch works only with the hardware addresses of the attached devices. A switch is a high speed device. It is meant to connect a number of ports delivering full speed to each single one of them. Its internal operation speed is at least equal to the sum of the maximum throughput of all ports. Since it is working just with hardware addresses it does not need an IP address for its operation. If you want to control its operation, counting packets, bytes, errors and so on, you will need a function collecting this information on the switch.

Since this idea was developed quite a while ago, many requirements have been expressed by the industry, getting to the point of realization that without this knowledge a network is uncontrollable. Every company launching switches to the market does secret manipulations to frames and data passing through the switch to make it as fast as possible. They build their very own switch. But all vendors will have to be able to function together in the same network. No problem, at the input and at the output ports they have to stick to the standard 802.3d. But how would I control this mixture of switches for statistical reasons? Counting bits and bytes and frames and packets is not that easy in a world without a standard solution for this problem.

The first idea was to develop a standard databank being held on either switch. The firmware would have its device description tables located at a neat place, like port enabled or disabled, full duplex or half duplex and so on. Besides these data the firmware could count packets, errors, frames ... and increase the counters in the databank. This databank is called MIB. It stands for Management Information Base. It is a standard and is written with a special compiler called ASN.1 (Abstract Syntax Notation One). The compiler is very small and has very few commands. The structure is fixed in an RFC.

Every vendor supporting this feature would have to apply to the requirements and put system information, for example, at the same location like the competing companies. To gain this information you had to go to the switch and attach a PC with appropriate software to the RS232 port on the switch to be able to read the MIB. This is rather inconvenient. Much more convenient would be to stay at the office and have a network connection to the switch. We would need an IP address on the switch to be able to connect to any switch in any network. To communicate with this switch we would need some functions of the layer 3 IP stack on the switch. This would make it possible to send a frame to the switch.

Who should do the work getting the information from the MIB? Who would check the authentication of this frame? It would not be a good idea to let anyone take a look at your MIB. For this purpose a special piece of software was developed called SNMP (Simple Network Management Protocol). It is simple because it uses UDP, which means you will get no acknowledgement for any frame. We could continue now into the historical development of versions of SNMP v1, v2c and v3.

The true and only reason to give an IP address to a switch is to gain control over the device. SNMP can read and write information for you from and to the MIB. A so-called trap frame can be sent by the device unsolicited if important events happen causing an alarm.

I have tried to keep it as short as possible and still keep it understandable. If you have further questions feel free to contact me at heinzgerd.schlagregen@freenet.de

HG.Schlagregen
Germany

Subject: Ethernet Switch -- Managed versus Unmanaged
Date: Thursday, January 25, 2007 21:33

Hi, I'm designing an Ethernet Switch and one of the requirements is that the IP address of the device be fixed to a port, i.e. port 1 would always have IP XYZ. Can this be done with an unmanaged Ethernet switch? Thanks for the help. GC
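
The post above asks who checks the authentication of an SNMP frame. As an added example (not part of the original post), this decoder reads the header of a constructed SNMPv1 datagram and shows that in v1 and v2c the community string, the only credential, travels as a plain OCTET STRING next to the requested MIB object. The sample bytes and the function names are assumptions made for the example.

```python
# Constructed sample: SNMPv1 GetRequest for sysDescr.0, community "public".
SAMPLE = bytes.fromhex("3026020100" "04067075626c6963" "a019020101020100"
                       "020100" "300e300c0608" "2b06010201010100" "0500")
VERSIONS = {0: "v1", 1: "v2c", 3: "v3"}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("length runs past end of datagram")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(value):  # BER OID content octets -> dotted string
    arcs, sub = [value[0] // 40, value[0] % 40], 0
    for b in value[1:]:
        sub = (sub << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(sub)
            sub = 0
    return ".".join(map(str, arcs))

def inspect_snmp(datagram):
    """Summarise what anyone on the path can read from one SNMP datagram."""
    tag, msg, _ = read_tlv(datagram, 0)
    if tag != 0x30:
        raise ValueError("not a BER SEQUENCE")
    _, ver, pos = read_tlv(msg, 0)
    info = {"version": VERSIONS.get(int.from_bytes(ver, "big"), "unknown")}
    if info["version"] not in ("v1", "v2c"):
        return info  # v3 has no community field; its header layout differs
    _, community, pos = read_tlv(msg, pos)
    pdu_tag, pdu, _ = read_tlv(msg, pos)
    info["community"] = community.decode("latin-1")
    if pdu_tag != 0xA4:  # the v1 Trap-PDU uses a different field layout
        p = 0
        for _ in range(4):  # request-id, error-status, error-index, varbind list
            _, body, p = read_tlv(pdu, p)
        _, varbind, _ = read_tlv(body, 0)
        info["first_oid"] = decode_oid(read_tlv(varbind, 0)[1])
    return info
```

Run over a capture of management traffic, the same function shows which switches still answer v1 or v2c and with which community string.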
Posted by glen herrmannsfeldt on January 29, 2007, 3:13 am
Heinz-Gerd Schlagregen wrote:

As well as I remember, the OP was asking for IP address filtering. There are some security situations where that might be useful.

> Since it is working just with hardware addresses it does not need an IP
> address for its operation. If you want to control its operation counting
> packets, bytes, errors an so on you will need a function collecting these
> information on the switch.

One could add the simplest IP address filtering onto unmanaged switch logic. There would have to be some way to get the addresses in, but that could be done with much less than a traditional managed switch. There might be some restrictions on IP packets, especially no fragmentation before the appropriate IP address (which there shouldn't be anyway, but as I understand it, that is a favorite way to get around some security systems.)

I don't know that it is likely that anyone will build one, but it is possible. One could even put in permanent MAC addresses for filtering purposes.

-- glen
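
The per-port IP address filtering discussed in this thread, sketched as an added example that is not part of the original posts: a static table binds each port to one IPv4 source address, and a frame is forwarded only if its IPv4 source (or ARP sender address) matches. The table contents, the function names and the policy of dropping everything that is not IPv4 or ARP are assumptions made for the example.

```python
import ipaddress
import struct

# Hypothetical static table: switch port -> the only IPv4 source allowed on it.
PORT_BINDINGS = {1: ipaddress.IPv4Address("192.0.2.10"),
                 2: ipaddress.IPv4Address("192.0.2.20")}
ETH_IPV4, ETH_ARP, ETH_VLAN = 0x0800, 0x0806, 0x8100

def permit(port, frame):
    """Return (allowed, reason) for an Ethernet frame received on `port`."""
    bound = PORT_BINDINGS.get(port)
    if bound is None:
        return False, "port has no binding"
    if len(frame) < 14:
        return False, "runt frame"
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    offset = 14
    if ethertype == ETH_VLAN and len(frame) >= 18:  # step over one 802.1Q tag
        (ethertype,) = struct.unpack_from("!H", frame, 16)
        offset = 18
    if ethertype == ETH_IPV4:
        src_at = offset + 12  # source address in the fixed part of the IPv4 header
    elif ethertype == ETH_ARP:
        src_at = offset + 14  # ARP sender protocol address
    else:
        return False, "not IPv4 or ARP"
    if len(frame) < src_at + 4:
        return False, "too short to hold a source address"
    if ethertype == ETH_IPV4 and ((frame[offset] >> 4) != 4 or (frame[offset] & 0x0F) < 5):
        return False, "malformed IPv4 header"
    # Each IPv4 fragment carries its own header, so this check needs no reassembly.
    src = ipaddress.IPv4Address(frame[src_at:src_at + 4])
    if src != bound:
        return False, f"source {src} not bound to port {port}"
    return True, "ok"

def ipv4_frame(src, dst="192.0.2.1"):
    """Build a constructed test frame: zeroed MACs plus a bare 20-byte IPv4 header."""
    header = (bytes.fromhex("450000140000000040110000")
              + ipaddress.IPv4Address(src).packed + ipaddress.IPv4Address(dst).packed)
    return bytes(12) + struct.pack("!H", ETH_IPV4) + header
```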
