Many friends have asked many times what is the gateway, DNS, subnet mask, layer three switches, and the purpose of their positioning; indeed, because network technology is indeed very widely used in weak electricity, we usually discuss the gateway, VLAN, layer three switch or subnet mask and other issues in the VIP technology group, and today we will understand it clearly together in a popular way.
Part 1: What is a VLAN?
VLAN Chinese means "virtual local area network". A LAN can be a network of a handful of home computers or a corporate network of hundreds of computers. A VLAN refers to a network that is split by a router – that is, a broadcast domain.
Listening to the above concept, there must be many friends who are confused, what is a virtual LAN? Okay, why divide VLAN?
Here's an example: popular understanding
A high school, the new semester recruited 800 students, these 800 students, if placed in a class, it must not be managed, in the face of 800 people, the teacher also has a headache, here is teaching, there is no hearing at all, what tasks the teacher assigns, there will be some can not be conveyed, if the teacher wants to find a student's information, to find from 800 pieces of information, extremely troublesome, waste of time;
In reality, it is the same, computer A wants to communicate with computer B, so computer A needs to send an arp request, and there are many computers in the network, and eventually the ARP request will be forwarded to all computers in the same network to find computer B, so that in order to find computer B, the overall bandwidth of the network is consumed, and the computer that receives the broadcast information also consumes a part of the CPU time to process it. This results in a large amount of unnecessary consumption of network bandwidth and CPU computing power.
So what to do?
For these 800 students, the school is divided into 10 classes, each class has 80 students, named Senior One (1) class, Senior One (2) class、、、、 Senior One (10) class, and each person will be given a class number.
1101 indicates a class of student number 01.
1102 indicates a class of student number 02.
1201 means student number 01 in class 2.
The mantissa of the student number in the same class is different, and the others are the same.
Then it will be much easier for the teacher to manage, and the 80 people in a class can be managed properly, and the 2nd and 3rd classes next door will be messed up into a pot of porridge and don't care about the affairs of a class, I just want this class of 80 people to attend classes well.
This is the VLAN, each class is equivalent to a VLAN, and the name of each class is equivalent to the name of the VLAN, and the number of each student is the IP address.
Therefore, the same VLAN can communicate with each other, but different VLANs cannot communicate with each other unless configured.
So how do different VLANs communicate? Single-arm routing and Layer 3 switches are required.
2. Single-arm routing and Layer 3 switches
We know that in order to achieve communication between different VLANs, it is necessary to have a routing function, and there are two ways for different VLANs to communicate with each other (single-arm routing and Layer 3 switches).
What is one-arm routing?
The implementation of single-arm routing is actually a common Layer 2 switch and a router, so that different VLANs can communicate with each other.
So what is a Layer 3 switch?
For small networks, single-arm routing can handle it, but as the traffic between VLANs increases, routers are likely to become bottlenecks in the entire network, causing packet drops or communication congestion.
In order to solve the above problems, Layer 3 switches came into being. A Layer 3 switch is essentially a "(Layer 2) switch with routing function". Routing is a function of the Layer 3 network layer in the OSI reference model, so switches with Layer 3 routing are called "Layer 3 switches".
For details about the internal structure of a Layer 3 switch, see the following diagram.
In one body, a switch module and a router module are set separately, and the built-in routing module is the same as the switching module, and the ASIC hardware is used to process routing. Therefore, high-speed routing can be achieved compared to traditional routers. In addition, the routing and switching module is an aggregation link, because it is an internal connection, it can ensure a considerable bandwidth, so for regular projects, it is necessary to use a layer 3 switch to realize the communication between network networks.
3. What is a gateway?
After understanding whether the VLAN and the Layer 3 switch can communicate, you need to see whether the gateway is correct.
1. What is a gateway?
Gateway, also known as inter-network connector and protocol converter. The gateway implements network interconnection at the transport layer and is the most complex network interconnection device, which is only used for the interconnection of two networks with different higher-level protocols.
Second, how to understand the gateway
Everyone knows that to go from one room to another, you have to go through a door. Similarly, sending information from one network to another must pass through a "gate", which is the gateway. As the name suggests, a gateway is a "gateway" between a network and another network.
There are many types of gateways according to different classification criteria. The gateway in the TCP/IP protocol is the most commonly used, and the "gateway" we are talking about here refers to the gateway under the TCP/IP protocol.
3. The IP address of the gateway
So what exactly is a gateway?
A gateway is essentially an IP address from a network to other networks, and the gateway selects one of the available IPs in the network segment, but generally uses the first and last one.
For example
For example, there is network A and network B,
Network A: The IP address range is "192.168.1.1~192. 168.1.254", subnet mask 255.255.255.0;
If you want to communicate with other network segments, the gateway can be set to 192.168.1.1, or it can also be set to another IP address in the network segment.
Network B: The IP address is 192.168.2.1~192.168.2.254 and the subnet mask is 255.255.255.0.
If you want to communicate with other network segments, the gateway can be set to 192.168.2.1, or you can set it to another IP address in the network segment.
4. How does the gateway achieve communication?
In the absence of a router, TCP/IP communication between two different networks is not possible, even if the two networks are connected to the same switch (or hub), the TCP/IP protocol will determine that the hosts in the two networks are in different networks based on the subnet mask (255.255.255.0). Communication between the two networks must be done through a gateway.
If a host in network A finds that the destination of a packet is not in the local network, it forwards the packet to its own gateway, which in turn forwards the packet to the gateway in network B, which in turn forwards the packet to a host in network B (as shown in the attached figure). The process by which network B forwards packets to network A.
Therefore, only by setting the IP address of the gateway can the TCP/IP protocol realize the mutual communication between different networks.
5. What is the default gateway?
If you know what a gateway is, the default gateway will be easy to understand. Just as a room can have multiple doors, a host can have multiple gateways. The default gateway means that if a host cannot find an available gateway, it sends packets to the default specified gateway, which processes the packets. The gateway used by the host is generally the default gateway.
4. What is DNS?
DNS is a Domain Name System, which is a server that turns a web address into an IP address.
To put it bluntly, DNS is used to translate domain names into IP addresses, and it is easy for everyone to understand this as an example.
For example, when we enter www.baidu.com in the browser, the machine wants to communicate with the Baidu website, the machine wants to send a data packet to the outside, and the IP address of the Baidu server must be written in the data packet, we don't know what the IP address is, so we need to ask the host to ask the DNS server, and the DNS server will automatically help us translate the domain name of www.baidu.com into the IP address 61.135.169.105. Then write to the destination IP address of the packet and communicate with it.
Just like we write letters, you have to write a recipient's address post office to send it to you, you write a letter abroad, you write a Chinese address post office does not know, need this person to help you translate into English. This is the role of DNS, so you can write DNS in the local connection to browse the web normally, if you don't set DNS, you can't access the web normally.
5. MAC address
When it comes to MAC addresses, we have to mention ip addresses, and by the way, we will also talk about ip addresses.
IP vs. MAC
Although IPv6 is now available, most of the protocols we use are IPv4, and the so-called IP is the number of your computer's entire network. Other computers need this number to access their computers. But this number is constantly changing in many cases. The only thing that doesn't change is your MAC address: the physical address.
A MAC address is a unique network address used to identify a NIC device on a network. Uniformly assigned by the relevant hardware manufacturer, the MAC address of each computer is unique.
To make an analogy, you move often, and you don't move once you have an address, XX community, XX unit, XX number, this is IP. But your name remains the same, this is MAC, the difference is that our MAC does not allow duplicate names.
Our IP is divided into two parts: the network part and the host part as shown in the figure above. The network part is like you are in XX town, XX city, XX province, and this is fixed by the state. However, the XX unit XX number of the XX community is set by the developer himself. The two numbers add up to your IP. The difference is that in reality, the length of the two numbers is fixed, but the IP addresses of A, B, C, and D on the network are changing, which was discussed in detail the day before yesterday.
6. Subnet mask
The subnet mask is used to distinguish between network bits and host bits, and as we mentioned above, an IP address is made up of the network part and the host part. Just as a person's name is made up of a given name and a given name.
Then we can compare the IP address to a person's name, then the subnet mask is like a list, you can quickly know which people have the same surname, which people have different surnames, and put people with the same surname in a group, so that they can communicate with each other before.
Here's an example
There is a network segment is 192.168.1.0-192.1.254, this network segment is like a village, it is called security village, this network segment has an IP address is 192.168.1.1, we call him security one, another person is called security two, its IP address is 192.168.1.2, we look at them, we know that they are from the same village.
In addition, there is a network segment, which is 192.168.0.0 - 192.168.255.254, we call it Ancun, and there are two IP addresses in the village that are 92.168.1.1 and 192.168.1.2, also called security 1 and security 2, so the question is?
At this time, you need a subnet mask to judge that they belong to that network segment, you need to bring security 1 and security 2 to the village to recognize, you will know that they belong to that village, the network segment of security village is 255.255.255.0, and the network segment of security village is 255.255.0.0.
IP addresses similar to "same name" and "same surname" will also appear in the network, and how to distinguish which network segment they belong to depends on the subnet mask.
补充:
Finally, Weak Electric Jun added that in order to facilitate everyone's deeper understanding of network knowledge, this diagram helps you clarify the application of network knowledge.
From the official account: Youwei network service