LAN Interconnection
-------------------

(C) 1992 ZyBel MicroSystems Inc.
March 19, 1992

This file contains technical information about using LAN bridge and router products, and a discussion of application considerations. It will focus on bridges being used to extend network length beyond the limits dictated by the type of media being utilized, and will also discuss bridging as a means of segmenting congested networks.

This information was compiled by ZyBel MicroSystems Inc., a software developer and reseller of Artisoft Lantastic products. ZyBel would be happy to work with any resellers or end users who have bridging needs. Our address and phone number can be found at the end of this file.

The author will assume that the reader is familiar with basic LAN terminology and wiring standards. The first section of this file contains detailed technical information regarding LAN interconnection. The latter section details appropriate solutions for specific application problems.

1. LAN Interconnection - the technology explained.

1.1 Wiring Standards.

The Artisoft Network Interface Cards (AE1, AE2, and AE3) all follow the Ethernet LAN standard. These cards make available various types of network interfaces:

AUI: Attachment Unit Interface. A point to point, short distance digital interface which is usually used to connect to a LAN transceiver, for attachment to a particular type of media. This interface is most commonly used to access a 10Base5 (or thick coaxial) network.
10Base2: Also called Thinnet or Cheapernet. Specifies thin coax (RG58), 10 Mb/s, with a maximum segment length of 185 Meters. There can be up to 30 nodes per segment, and a total network span of 925 Meters.
10Base5: Specifies thick coax cable, 10 Mb/s, with a maximum segment length of 500 Meters. There can be up to 100 nodes per segment, and a total network span of 2500 Meters. The network interface card connects to an external transceiver through an AUI interface.
10BaseT: Unshielded twisted pair wiring (UTP). Runs at 10 Mb/s, with a maximum segment length of 100 Meters, and a total network span of 500 Meters.

With the Ethernet standard, each network interface card is assigned a unique address by the manufacturer. These addresses are used to identify the source and destination of information which is transmitted over the LAN.

The term LAN "segment" refers to a contiguous length of media between two network terminations. In the case of 10Base2 and 10Base5, many devices can be attached to a single segment. In the case of 10BaseT, each segment supports only two devices - one at either end. Segments can be joined together to form larger and more complex networks that exceed the single segment distance limitations. There are three basic devices which can be used to join LAN segments - repeaters, bridges, and routers.

1.2 Repeaters

A repeater can be thought of as two Ethernet transceivers connected back-to-back. Any signal received on one LAN segment is immediately transmitted on the other segment. The repeater amplifies and regenerates the signal, but is transparent to both segments. Thus the function of a repeater can be thought of as creating one large LAN out of smaller segments. Collisions will occur if two stations, each on a different segment, transmit at the same time.

The only real purpose of a repeater is to extend the physical length of the LAN, or to join two different types of media (10Base5 to 10Base2 for example). Ethernet specifies a maximum of 4 repeaters between any two stations (thus allowing up to 5 segments in a single LAN). There are also multi-port repeaters, which transmit incoming signals on all other segments (thereby increasing the maximum cabling length of the network, while still complying with a maximum of 4 repeaters between any two stations). A 10BaseT wiring hub is essentially a multi-port repeater.

It is important that no "loops" be created when installing repeaters.
Since repeaters re-transmit everything that is received, a "loop" (in which a circular path is formed for the data) will cause data to be repeated forever, essentially killing the network. This effect is known as a data storm.

1.3 Bridging

A bridge operates quite differently from a repeater. Before bridging is discussed in any significant detail, a review of LAN architecture is required. The ISO (International Organization for Standardization) created an overall communications structure (or architecture) in 1977 called OSI, or Open Systems Interconnection model. The OSI model was meant to standardize the way in which LANs were architected, and allow for interoperation between various types of LANs. The OSI model consists of 7 layers, each dealing with a different function required by the LAN system.

1.3.1 The OSI Reference Model

The Ethernet standard is based on work done by the IEEE Local Network Standards Committee (Project 802), and specifically on the 802.3 standard (which details CSMA/CD operation). Ethernet utilizes a layered approach similar to the OSI Reference Model. Although a discussion of the OSI Reference Model is beyond the scope of this document, a brief examination of the lower three layers is necessary to fully understand bridging and routing.

1.3.1.1 Layer 1: The Physical Layer

This layer is concerned with the physical characteristics of the network - for example, the signal voltage swing and timing, and mechanical, electrical and procedural details involved in a link.

1.3.1.2 Layer 2: The Data Link Layer

Layer 2 is responsible for the reliable transfer of data across a physical link. It communicates blocks of data (frames or packets) with necessary synchronization, error checking and flow control.

1.3.1.3 Layer 3: The Network Layer

Provides the higher level software with independence from the underlying transmission and switching technologies, and is responsible for establishing, maintaining and terminating connections between entities.
As an example, the TCP/IP protocol is a layer 4 and layer 3 protocol (IP, or Internetworking Protocol is layer 3). TCP/IP can be run over Ethernet, or on other types of networks. Ethernet only deals with layers 1 and 2.

1.3.2 How a Bridge Works

A bridge is a device which interconnects LANs based on layer 2 information. That is, unlike a repeater, a bridge is not transparent to the LANs involved, and does not re-transmit all information detected on each LAN.

As an example, consider a bridge connected to two LANs, call them "A" and "B". The bridge will appear as a device to both "A" and "B". It will monitor traffic on each LAN, but only transmit packets destined for a device on the other LAN. For instance, the bridge will only send packets from "A" to "B" if the packet is addressed to a device located outside of LAN "A".

The way the bridge determines the destination for a data packet is by examining the Layer 2 information. Thus the bridge must "know" the structure of Layer 2 packets, and it can only interconnect LANs that have identical Layer 2 protocols. Therefore, a bridge cannot be used to connect Token Ring to Ethernet.

It is important to note that the bridge actually receives the LAN data, buffers it, examines it, and then decides whether to forward the data or ignore it. Should it decide to forward the data, it transmits it on the other LAN just as a local device would - it waits until the LAN is clear and then sends the information. With this structure, the bridge actually operates on LAN "A" and LAN "B" independently - i.e. if LAN "A" is busy, the bridge can still transmit to LAN "B". Similarly, if devices on "A" and "B" both transmit at the same time, there will NOT be a collision, since the information is not immediately forwarded to the other LAN.

The effect of this operation is to logically segment the two networks. Information destined for a device on the same network will NOT be forwarded to the second LAN.
Thus, only traffic destined for the other LAN will be forwarded, and overall congestion on each LAN will be greatly reduced.

Because a bridge buffers the data, and must wait to forward packets to a second LAN, the data will take longer to reach its eventual destination than if the bridge were not present. However, since the bridge actually receives the data, stores the information, and then re-transmits the data on another LAN as if it was the originator, the rule about segments and repeaters does not hold true. There can be virtually any number of bridges between two network devices (obviously within practical limits).

The higher software layers (layers 3 and 4, the Network and Transport layers) of the OSI Reference Model are responsible for managing end-to-end connections. They ensure that data is delivered in an orderly fashion without errors, and that flow control is implemented as required. Because bridges introduce delays in data reaching its destination, the higher layer protocols must be able to tolerate these additional delays.

Now that we understand what a bridge does, we should understand why someone would utilize a bridge. There are basically four reasons for utilizing a bridging device:

a). To isolate portions of the network and therefore provide better reliability. With a bus topology (10Base2 and 10Base5), a failure in any device on the bus can bring down the entire LAN. By inserting bridges between LAN segments, other segments are not affected by a failure.

b). To increase network performance by segmentation of the network. If there are two LANs, and one is used primarily for an accounting system, and the other primarily for an order entry system, it would slow both LANs considerably if all packets were transmitted on both LANs. A better choice would be to utilize a bridge which will only forward packets that are involved with the application being utilized, and reduce overall congestion on each LAN.
This is especially important in an Ethernet network because LAN performance will not degrade in a linear fashion with congestion - rather it will fall off rapidly once a critical utilization level is reached, and collisions become commonplace.

c). To implement security in a network. Some bridges can be programmed to only allow specific network devices to forward data to other LANs, thus providing network security.

d). To expand a network beyond the physical limits imposed by the media being used. This is especially important if a LAN is to be interconnected with another LAN located across town, or across the country. A remote bridge can forward LAN traffic over various types of Wide Area Networks (to another bridge at the remote end), and thus join two networks that are physically very far apart. This application will be discussed in some detail later.

Depending upon the features supported by the bridge, circular paths and multiple paths can be supported. By utilizing special algorithms in the bridge (the most common of which is the Spanning Tree Algorithm), a complex network can be created, and the bridges will "know" how to forward data between interconnected LANs (without causing circular repetition).

1.4 Routing

A Router operates on a similar concept to a bridge, but operates on Layer 3 of the OSI Reference Model (the Network Layer). Routers determine how to forward or filter data based on Layer 3 information.

Most LANs can support many types of protocols carried on the same media. For example, an IPX Ethernet based LAN might share the same LAN cable as devices utilizing TCP/IP over Ethernet. As long as Layer 1 and Layer 2 are identical for both protocol stacks, they will co-exist on the same media (although they may not interact with each other).

Because routers operate on Layer 3 information, it is possible to make routing decisions based not only on the source and destination of the data, but also protocol.
Thus a multi-protocol router might be configured to only forward TCP/IP packets to a particular LAN, and filter all IPX packets.

Routers can support very complex network topologies which include redundant paths and path costing information. A decision to route a packet in a particular fashion can be made based on WAN congestion, link speed and transmission cost. Thus a router has more capabilities than a bridge, but is usually slower (because it must do more processing on the data), and much more costly.

In general, a router would be selected over a bridge if complex network topologies are required, or more than one protocol were being used on one or more of the interconnected networks.

1.5 The Brouter

In recent years, a new form of product known as a "brouter" has appeared. This is essentially a combination of a bridge and router. Unknown protocols are handled as a bridge, while specific protocols are routed. The term brouter is also commonly applied to bridge devices which use proprietary techniques to handle complex topologies, rather than the standards based Spanning Tree Algorithm.

1.6 Bridge Configuration

In the discussions above, it is apparent that enormous configuration tasks are required of a network manager, to configure the bridge to forward data for certain destinations, and filter data for the local LAN. With the first generations of bridging devices, this was usually accomplished by setting up static tables that define which network devices are located on which LANs. The bridge would then know when to forward and when to filter data for a particular destination. This task is very time consuming, and subject to constant change as the LAN evolves.

A better strategy in recent years involves the introduction of the "learning" bridge. A learning bridge starts out by broadcasting all LAN data to all interconnected LANs (similar to a repeater).
However, as responses are received, the bridge can "learn" where devices are located by examining the source address. As it gathers this information, it automatically configures its internal tables. In this fashion, the bridge actually dynamically re-configures itself as the LANs evolve.

A final word about bridges/routers is regarding network management. Many bridges and routers provide facilities for configuration and monitoring (including the gathering of key LAN statistics). Some devices provide this function through the use of a separate communications interface (such as RS-232), and some allow this function through the LAN itself.

An important recent development is the widespread acceptance of a network management protocol known as SNMP. SNMP is a generic way of managing network devices, and supports various devices according to a Management Information Base (or MIB). Manufacturers can produce MIBs with extended features for their own devices, which will theoretically operate with any SNMP package.

2. Applications

Most people become aware of LAN bridging due to a need to satisfy one of the following applications:

2.1 LAN Segmentation

If a LAN is exhibiting unacceptable performance because of some data intensive application, a bridge can be used to isolate users of the problematic program, greatly reducing network congestion for the remaining users.

2.2 LAN Extension

If a LAN must be extended beyond the length limits imposed by the particular media being utilized, a bridge can be used to extend the overall network length, by actually creating two distinct networks which are interconnected. A bridge used in this application is known as a Local Bridge.

2.3 Remote Access to Other LANs

If an organization has LANs located some distance apart (e.g. across town), and requires access to data on more than one network, a Remote Bridge can be used to interconnect all LANs, and in essence, form one large network.
Before discussing this application in detail, it is wise to examine another approach, since remote bridging can become very expensive and exhibit performance limitations.

2.3.1 Screen Sharing Packages.

Perhaps the least costly solution is to utilize a "screen" sharing package such as PC Anywhere. A remote user can utilize a dial up modem to communicate with a PC located on the other LAN, and essentially take control of its keyboard and screen. This allows the use of any applications located on the other network, and supports basic file transfer between networks.

The benefit to this approach is that only screen data is being transmitted over the modems, so even if the application manipulates hundreds of megabytes of data (a large database, for example), perhaps only a few thousand bytes of information are being sent over the modem. In addition, low cost dial modems and normal telephone lines can be utilized.

The problem with remote control packages is that the PC being used on the remote LAN is unavailable while remote access is underway, and therefore might require additional PCs to be purchased to support the application. If more than one user wanted access between the two LANs at the same time, multiple PCs, modems and telephone lines would be required. Finally, data on the remote LAN can only be accessed through application programs located on the remote LAN, which might not be acceptable depending upon the particular application.

A good candidate for remote control software might be financial accounting, since the data is generally only accessed through the accounting software program, and large amounts of data are manipulated by the application. Thus a remote control package would perform well (only transmitting screen changes), and local access to the raw data is not required.

If, however, access to the raw data is required, or large amounts of data are actually to be exchanged between the two LANs, a remote bridge is warranted.

2.3.2 Remote Bridging

A remote bridge contains one or more LAN ports, and one or more Wide Area Network (or WAN) ports. LAN networks are connected to the LAN ports, and some form of wide area communication link is connected to the WAN ports. Data destined for another LAN is packaged in a form suitable to be carried over the WAN link, and then transmitted through the WAN to another bridge. Once received, the second bridge recovers the original LAN data from the WAN format, and places it on the other LAN at the remote site. In this manner, networks are interconnected over long distances.

An important issue to note is that WAN links are almost always slower than LANs, and thus performance problems can occur. In addition, since the bridge must buffer LAN data until it can be transmitted over the slower WAN link, it is possible for LAN data to be lost (the higher layer protocols should detect any errors and cause the information to be re-transmitted).

The physical interface to the WAN can come in many forms; V.24 (RS-232), X.21, V.35 and T1 to name a few. WAN speeds generally range from 9600 baud to 1.544 MB/S (for T1) or 2.048 MB/S (for E1). In some cases, a bridge will support more than one link between destinations, essentially combining the bandwidth of these WAN links (for example, two T1 links might be combined to provide 3.088 MB/S of bandwidth between two LANs).

Before selecting a bridging device, the user should first select a particular WAN transmission service. There are many different WAN links available, from private microwave and satellite links, to telephone company dedicated data lines and switched services. In general, there are three types of WAN links:

a). Point to Point dedicated service. A fixed bandwidth is always available between two specific sites. Speeds can range from 4800 bps to T1 and higher.
High speed links are usually very expensive, but multiplexer equipment can be used to mix LAN data with voice and video signals, to better utilize available bandwidth (and help with cost justification). Monthly cost is usually fixed regardless of utilization.

b). Circuit switched services. Bandwidth is established between sites as required (similar to dialing a telephone). Generally provides slower speed service, at much lower cost than dedicated links. A good example is Switched 56, providing "dial up" connections with 56 KB/S speeds. These services are very useful if part-time LAN interconnection is required. For example, a massive file transfer might occur every evening for 2 hours, not requiring interconnection for the remaining hours in the day. Most circuit switched billing is primarily based on usage.

c). Packet switched services. Frame Relay is an emerging standard which is ideal for LAN interconnection. Frame Relay is similar to X.25 service, but without error correction facilities, thereby supporting much higher speeds than X.25. It is assumed that higher layer protocols (layers 3 and 4) will recover from any lost or corrupted data. Frame Relay billing is based on actual packet usage.

To select a particular type of WAN link, the user should examine application requirements (amount of data to be transmitted, performance considerations, time of day requirements), and perform a cost analysis on all types of links which support the application. Once a decision is reached regarding the type of link, a particular WAN service can be selected, which will establish what type of physical interface is required. An appropriate bridge can then be purchased which supports this interface.

2.4 Enterprise Networking

A large company may develop many separate LANs, reaching sizes of several thousand nodes, and supporting many different protocol stacks (IPX, TCP/IP etc).
It may be desirable to interconnect all company wide LANs, and perhaps provide redundancy for mission critical network applications. This form of network is very complex, and involves huge expenditures in equipment and transmission services. Many such organizations have a private backbone network that carries data, voice and video signals. In the near future, many companies may choose Frame Relay as a method of interconnecting LANs. In any event, such networks generally make heavy use of router products, and are far beyond the scope of this discussion.

3. Selecting a Bridge

When selecting a bridge, certain key features should be considered:

a). Performance. Bridges must perform two basic functions; the filtering of packets, and forwarding of packets. Performance is usually stated separately for each function ("X" packets/second filtering, and "Y" packets/second forwarding). Ethernet defines a minimum packet size, which limits the maximum speed of a 10 MB/S network to 14,800 packets/second. Therefore, a wire-speed bridge will filter and forward packets at up to 14,800 packets/second (it would appear almost as a repeater in terms of performance). Be careful when evaluating performance figures. Some bridge manufacturers combine the performance of each LAN port, and state one total number for the bridge. Therefore, a four port LAN bridge may claim performance of 24,000 packets/second, when in fact it supports 6,000 packets/second on each port. Some bridges also support data compression over WAN links, improving overall throughput for remote applications.

b). Availability of LAN interfaces. It is desirable for a bridge to support many types of LAN interfaces, so that mixed media networks are possible. Many bridges have integral transceivers, supporting either Thinnet or UTP (10BaseT) directly. Others will only support an AUI interface, and require external transceivers.

c). Availability of WAN interfaces. As mentioned earlier, there are many forms of WAN interfaces.
An ideal bridge would support all common connection standards. In the case of T1 equipment, a CSU/DSU may be required, which may or may not be available as an integral component to the bridge.

d). Configuration and Management. The bridge should support remote configuration, so that field service is not required to effect network changes. In addition, some form of statistics collection is desirable. SNMP support is a definite plus, given the growing prevalence of SNMP management packages.

e). Intelligence. It is a definite advantage if the bridge supports "learning" of device locations. Without a learning bridge, a network manager must configure lengthy tables, and maintain the information as the network changes.

f). If a bridge is to be used in a complex topology (or redundant WAN links are required), it should support the Spanning Tree Algorithm.

4. Pricing

Pricing for bridging products varies dramatically. At the lowest end of the market, there are local bridges available for under $2,000. At the high end, some bridges cost between $10,000 and $20,000 for T1 applications. Most bridges today range between $2,000 and $10,000 in price.

5. Summary

Bridges are devices which can be used to extend the total length of a LAN, interconnect LANs which are located far apart, and segment LANs to reduce congestion and improve security. Bridges can be used in local applications (all LANs located on the same premises), or remote applications, to interconnect LANs anywhere in the world.

When selecting a remote bridge, the first consideration should be the selection of a WAN transmission vehicle, which depends upon the application being utilized on the LAN. A suitable remote bridge can then be purchased which supports the selected WAN link, and provides the necessary network performance. Care should be exercised in selecting a bridge, especially with regard to confusing performance figures.
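
The learning behaviour of section 1.6 and the device restriction of section 1.3.2 item c), modelled as an added example (this code is not part of the original file and is not any vendor's firmware). The `allowed_sources` allow-list, the station addresses and the frame trace are constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class LearningBridge:
    """Model of a learning bridge; the allow-list is a hypothetical policy knob."""
    ports: tuple                                   # attached LANs, e.g. ("A", "B")
    allowed_sources: Optional[frozenset] = None    # None = any station may cross
    table: dict = field(default_factory=dict)      # station address -> port last seen on

    def handle(self, in_port, src, dst):
        """Decide what to do with one frame; returns (action, output_ports)."""
        # Learn from the source address. Overwriting the entry also covers
        # a station that has been moved to another LAN.
        self.table[src] = in_port
        known = self.table.get(dst)
        if known == in_port:
            return ("filter", [])                  # local traffic stays local
        # The frame has to cross the bridge, so the policy applies here.
        if self.allowed_sources is not None and src not in self.allowed_sources:
            return ("deny", [])
        if dst == BROADCAST or known is None:
            # Unknown destination: behave like a repeater for this frame.
            return ("flood", [p for p in self.ports if p != in_port])
        return ("forward", [known])


def replay(bridge, frames):
    """Feed (in_port, src, dst) tuples to the bridge and collect its decisions."""
    return [bridge.handle(*frame) for frame in frames]


# Constructed sample stations (locally administered addresses, not real hardware).
ACCT1, ACCT2 = "02:00:00:00:00:01", "02:00:00:00:00:02"    # start on LAN "A"
ORDER1, GUEST = "02:00:00:00:00:11", "02:00:00:00:00:99"   # on LAN "B"

# Constructed trace: accounting traffic on "A", order entry on "B".
TRACE = [
    ("A", ACCT1, ACCT2),    # nothing learned yet
    ("A", ACCT2, ACCT1),    # reply: ACCT1 is already known to be on "A"
    ("A", ACCT1, ACCT2),    # both ends now known to be local
    ("B", ORDER1, ACCT1),   # crosses from "B" to "A"
    ("A", ACCT1, ORDER1),   # and back
    ("B", GUEST, ACCT1),    # station that is not on the allow-list
    ("B", ACCT2, ACCT1),    # ACCT2 has been moved to LAN "B"
    ("A", ACCT1, ACCT2),    # the bridge follows the move
]


def demo():
    """Run the constructed trace and return (decisions, learned table)."""
    bridge = LearningBridge(("A", "B"), frozenset({ACCT1, ACCT2, ORDER1}))
    return replay(bridge, TRACE), bridge.table


if __name__ == "__main__":
    decisions, table = demo()
    for frame, decision in zip(TRACE, decisions):
        print(frame, "->", decision)
    print(table)
```

Only the first frame is flooded; once both accounting stations have been seen, their traffic never reaches LAN "B", which is the segmentation benefit described in section 1.3.2.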
===========================================================================

ZyBel carries a product known as the 8230 Littlebridge, manufactured by Newbridge Networks Inc. (a leader in the T1 multiplexer market). This bridge supports up to 2 LAN interfaces and 2 WAN interfaces. LAN ports can be AUI, Thinnet or UTP (10BaseT). WAN support includes V.24, X.21, V.35, T1 (with or without integral CSU), and E1. The product is a learning bridge, includes the Spanning Tree Algorithm, and supports SNMP management (it comes complete with a basic SNMP package). The Littlebridge features full wire speed filtering AND forwarding on all ports. List price for the product ranges from about $2,200 for a local bridge to $4,400 for a T1 equipped box.

For further information, please feel free to contact the author at the address listed below. I sincerely hope the above information has proved to be useful.

Warren D. Belkin
ZyBel MicroSystems Inc.
PO Box 1284
Weston, CT 06883-0284
(203)-226-8800
(203)-226-8851 (FAX)
Compuserve: 70571,3651