Hello community,

I have a fairly simple question puzzling me. I am a Cisco Trainee and I was stumped when asked a very basic question about routers and switches.

A buddy of mine was curious about these devices and started throwing questions at me. I explained to him how switches can be used for LAN gaming and they should be preferred because they can have higher data transfer speeds. I also explained to him how a router, with ports (Please correct me if I'm wrong), acts just like a switch. Then he asked me, "Well, why do companies need switches if multiple PCs can connect to one router interface and still be on a LAN?"

This is where I got stumped. I started thinking about the 4 ports on my router, but multiple PCs can connect wirelessly to my router. Is there a limit to how many PCs can connect to one side of a router? (Wirelessly) I had many basic answers: switches have multiple physical ports for faster data transfer, switches can connect to other switches without affecting the entire network speed, switches can be subnetted (Can PCs that connect to one interface of a router be subnetted?).

I was lost and boggled with my own reply to his question. So, in general, why do small/medium size companies need switches to connect to a router before leaving their network?

Thank you much.

    A wireless router (at least the kind we typically use as consumers) is an integrated device consisting of a router, wireless AP, and switch. We call it a “router” for simplicity's sake. In fact, most medium to large businesses do NOT use integrated devices but individual components for the increased flexibility. And from this point forward, I’m only going to discuss them as individual components.

    A switch is used to create a LAN (local area network). All the devices on the LAN typically belong to a single network (e.g., 192.168.1.x).

    A wireless AP is simply another entry point into that same LAN. It just uses wireless rather than wire.

    A router allows one LAN to reach another LAN. It “routes” traffic from the LAN using the 192.168.1.x network to another LAN using the 192.168.2.x network, or maybe the Internet (just another network as far as your LAN is concerned).

    Those are basic functions. So if some company never needs to access another network, only their own, then all they ever need are switches. A router is pointless. It’s no different for even your own home network. Before the Internet, the only thing ppl typically had in their homes were switches (or hubs if you go back far enough). A router only became necessary once those same homes wanted access to another network called the Internet!

    “Is there a limit to how many PCs can connect to one side of a router?(Wirelessly)”

    There’s always a practical limit to anything. But theoretically, no. For all intents and purposes, wireless users are identical to wired users. If it makes it easier to visualize, you can think of a wireless AP as a virtual switch. All its wireless clients are connected to this imaginary switch and in turn that virtual switch is patched to an actual switch, making everyone members of the same network.

    “So, in general, why do small/medium size companies need switches to connect to a router before leaving their network?”

    They don’t NEED to use a switch in the sense that it wouldn’t be functional. You could buy a router w/ a single port and connect it to a single PC and it would work. You can do that w/ your own home PC too. A router typically includes other features like a firewall, stateful packet inspection, etc., things that even a single PC could find useful. But if you plan to allow MULTIPLE devices to use that same router, then you need a switch. The switch does nothing more than allow that PC and all the other devices to create their own LAN. From that LAN, they all have access to the same router if that router is also patched to the LAN. And if you buy a consumer grade router w/ integrated router and switch, that’s merely a convenience. The concept is the same.
  3. Well... realistically your corp situation demands different requirements due to flexibility and port density. Your typical router may have 4 ports; however, you may NEED to have 100's of clients behind that and they may be in many different physical locations (think floors / buildings / etc). When you start talking about a corp environment you may have a network with many switches, all of which use VLANs and share the same vlan database between them. All of these floors might not share the same access requirements. Further, each person on each floor might not have the same access requirements. (Example: Jim from tech support probably doesn't need access to accounting servers and Bob from accounting probably doesn't need access to tech support servers.) Using vlans allows the flexibility of assigning different networks to each and every port, which then may be routed / firewalled however they want. In the case of something like, say, a Cisco Cat 6509, you can start incorporating all of this stuff into one huge box... which gets cool, but can be very confusing unless you focus on the core things that each component accomplishes.

    With a Catalyst 6500 series, you can:

    - Have a full layer 3 router (sup720)
    - Have a full ASA-like firewall (FWSM module)
    - Have MANY switch blades of which you can configure each and every port to be on a completely different network. You can also distribute this "vlan database" across many switches, assigning different ports to different networks even though the trunk ports may be shared.
    - You can then use the sup720 to do all your routing and the FWSM to do all firewalling between all of the various vlans... keeping in mind there can be HUNDREDS.

    With that, essentially you can define vlans, firewall rules for those vlans (either transparent or routing mode on the FWSM) and whatever routing protocols you want within the sup720, all while having the flexibility of throwing each port on whatever "virtual switch / virtual lan" you'd like.

    In other words it makes it crazy easy for network guys to configure many different networks with many different firewalling options however they'd like. The consumer level boxes simply do not scale in the same manner as a corp device and really can't be compared.
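
The per-port VLAN assignment and inter-VLAN filtering described in the last reply, sketched as a Cisco IOS configuration. This is an added example and not part of the original thread: the VLAN IDs, names, port numbers and subnets are constructed, and plain ACLs on the routed VLAN interfaces stand in for the FWSM the reply mentions.

```cisco
! Constructed example: VLAN IDs, names, ports and subnets are assumptions.
vlan 10
 name ACCOUNTING
vlan 20
 name TECH-SUPPORT
!
! Access ports: each port is placed in exactly one VLAN.
interface GigabitEthernet1/1
 description Bob (accounting)
 switchport
 switchport mode access
 switchport access vlan 10
!
interface GigabitEthernet1/2
 description Jim (tech support)
 switchport
 switchport mode access
 switchport access vlan 20
!
! Trunk to another floor's switch: carries only the VLANs needed there.
interface GigabitEthernet1/48
 description Uplink to floor-2 switch
 switchport
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk allowed vlan 10,20
!
! Routed VLAN interfaces (SVIs): the default gateway for each VLAN.
interface Vlan10
 ip address 192.168.10.1 255.255.255.0
 ip access-group ACCOUNTING-IN in
 no shutdown
!
interface Vlan20
 ip address 192.168.20.1 255.255.255.0
 ip access-group TECH-IN in
 no shutdown
!
! Applied to traffic entering from each VLAN: block the other department.
ip access-list extended ACCOUNTING-IN
 deny   ip 192.168.10.0 0.0.0.255 192.168.20.0 0.0.0.255
 permit ip any any
!
ip access-list extended TECH-IN
 deny   ip 192.168.20.0 0.0.0.255 192.168.10.0 0.0.0.255
 permit ip any any
```

These ACLs only see traffic that is routed between VLANs. Hosts in the same VLAN reach each other directly through the switch and never cross the routed interface, so department boundaries need to line up with VLAN boundaries for the filtering to apply.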
