Switches and routers account for almost all of the network devices used in modern local area networks. Switches connect network devices (such as other switches, routers, firewalls, and wireless APs) and terminal devices (such as computers, servers, cameras, and network printers). Routers interconnect one local area network with another, and connect the local area network to the Internet. In general, the switch is responsible for connecting devices, and the router is responsible for connecting networks.
The function of the switch is to connect terminal devices such as computers, servers, network printers, network cameras, and IP phones, and to interconnect with other network devices such as switches, wireless access points, routers, and network firewalls, so as to build a local area network in which all devices can communicate with each other.
The switch operates at the second layer (data link layer) of the OSI reference model. Its operation relies on identifying MAC addresses (all network devices have a unique MAC address, which is usually burned directly into the network card by the manufacturer).
Routers are also called gateways; they connect local area networks to form a larger wide area network. When connecting heterogeneous networks (networks of different types, such as ATM, FDDI, and Ethernet networks), the networks use different data encapsulation methods and cannot communicate directly, and the router can “translate” between these different encapsulations so that the heterogeneous networks can communicate. In addition, from the point of view of the local area network, the wide area network is undoubtedly a heterogeneous network.
In general, the main differences between routers and switches are reflected in the following aspects:
(1) Different working layers
The switch originally worked at the data link layer of the OSI/RM open architecture, which is the second layer, while the router was designed from the beginning to work at the network layer of the OSI model. Because the switch works at Layer 2 of OSI (data link layer), its working principle is relatively simple. Because the router works at Layer 3 of OSI (network layer), it can see more protocol information and can make smarter forwarding decisions.
(2) Data forwarding is based on different objects
The switch uses the physical address, or MAC address, to determine the destination of the data it forwards. The router uses the ID numbers of different networks (i.e., IP addresses) to determine where to forward data.
(3) Traditional switches can only divide collision domains, not broadcast domains; routers can divide broadcast domains
The network segments connected by a switch still belong to the same broadcast domain. Broadcast packets spread to all network segments connected to the switch, which in some cases causes communication congestion and security vulnerabilities. Although switches at the third layer and above have the VLAN function and can also divide broadcast domains, the resulting sub-broadcast domains cannot communicate with each other, and communication between them still requires a router.
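The forwarding behaviour described in points (2) and (3) can be seen in a small simulation. This is an added example, not part of the original article: a simplified model in which the class names, MAC addresses, routes, and interface names are all constructed for illustration, and VLANs and default routes are not modelled.

```python
import ipaddress

BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"

class LearningSwitch:
    """Layer 2: forwards on destination MAC, learns source MAC per port."""
    def __init__(self, ports):
        self.ports = set(ports)
        self.mac_table = {}                          # MAC address -> port

    def receive(self, in_port, src_mac, dst_mac):
        """Return the set of ports the frame is sent out of."""
        self.mac_table[src_mac] = in_port            # learn where the sender is
        out = self.mac_table.get(dst_mac)
        if dst_mac == BROADCAST_MAC or out is None:
            return self.ports - {in_port}            # flood: broadcast or unknown MAC
        return set() if out == in_port else {out}    # known unicast: a single port

class Router:
    """Layer 3: forwards on destination IP network, never forwards broadcasts."""
    def __init__(self, routes):
        self.routes = [(ipaddress.ip_network(n), i) for n, i in routes.items()]

    def receive(self, in_if, dst_mac, dst_ip):
        """Return the outgoing interface, or None if the packet is dropped."""
        ip = ipaddress.ip_address(dst_ip)
        if dst_mac == BROADCAST_MAC or ip == ipaddress.ip_address("255.255.255.255"):
            return None                              # broadcast stays in its own domain
        matches = [(n, i) for n, i in self.routes if ip in n]
        if not matches:
            return None                              # destination unknown: drop
        return max(matches, key=lambda m: m[0].prefixlen)[1]  # longest prefix wins

def demo():
    sw = LearningSwitch(ports=[1, 2, 3, 4])
    a, b = "02:00:00:00:00:0a", "02:00:00:00:00:0b"  # constructed sample MACs
    results = {
        "unknown_unicast": sw.receive(1, a, b),        # b not learned yet: flooded
        "reply": sw.receive(2, b, a),                  # a was learned on port 1
        "broadcast": sw.receive(1, a, BROADCAST_MAC),  # reaches every other port
    }
    r = Router({"10.0.1.0/24": "eth0", "10.0.2.0/24": "eth1"})  # constructed routes
    results["routed"] = r.receive("eth0", "02:00:00:00:00:01", "10.0.2.7")
    results["bcast_at_router"] = r.receive("eth0", BROADCAST_MAC, "10.0.1.255")
    results["no_route"] = r.receive("eth0", "02:00:00:00:00:01", "192.0.2.9")
    return results

if __name__ == "__main__":
    print(demo())
```

The switch sends the broadcast frame and the frame for a not-yet-learned MAC out of every other port, which is why every host on the segment sees them; the router drops the broadcast and the packet with no matching route.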
(4) The router provides firewall services
The router only forwards data packets with specific addresses. It does not transmit data packets that do not support routing protocols or network data packets whose destination is unknown, which can prevent broadcast storms. Switches are usually used for LAN-WAN connections. Switches are classified as bridges, which are devices at the data link layer. Some switches can also perform Layer 3 switching. In contrast, routers are more powerful than switches, but they are relatively slow and expensive. The Layer 3 switch combines the wire-speed packet forwarding capability of the switch with the good control functions of the router, so it is widely used.
Whether the device is a switch or a router, its functions depend on a network engineer configuring it in advance (for example VLAN port assignment, firewall security policy configuration, and router default gateway settings). Viewed at another level, these network devices are computers with a CPU and memory, and all of them implement their hardware functions through the CPU's “translation” of machine language.