Disclaimer:
For all us tech nerds who are saying that the neighborhood part of the IP may not incorporate all of said numbers in this example. This is true but this is not a tech class and we are focusing on concepts. Concepts are what’s needed for the client to make informed decisions.
What is a router you ask (or maybe not but I’m going to tell you anyway)? A router can be a firewall or a network switch. If the device has the capability to do “layer 3” functions it can route.
An Example:
I live on a small farm neighborhood near Cleveland, TN, one of my friends lives in Ooltewah in a neighborhood. If the device has the ability to get from one neighborhood to the next it can route.
Another Example:
The small farm I live on has an address of 192.168.5.55, my friends address is 10.10.0.32. In the network world these are called IP numbers. The community of the small farm is represented in this part of the address “192.168.5” the particular place in the neighborhood is the “.55” of the address. The same works for my friends address, “10.10.0” represents the neighborhood and “.32” represents his particular house in this neighborhood.
Statement:
All firewalls have the ability to route but all switches don’t.
Firewalls:
These are the devices you use to protect you from internet troublemakers. Its like a wall that separates your small network from the entire digital world. It is important if you have a business that you use a subscription based business grade firewall. Threats are ever evolving and you need constant software updates on your business firewall to help ensure your data’s safety. A firewall will inspect every single data packet that comes across its hardware. This is needed to protect you but causes more work than merely routing the data based on where its coming from to where its going.
Switches:
There are 3 basic types of switches. Dumb switches, which means exactly that, you plug them in and they just work, they cannot be monitored and they are incapable of routing. Smart switches and layer 3 smart switches have the ability to be monitored and depending on the model can have routing “layer 3” capabilities. We only sell smart switches for the following reasons. The primary reason we recommend smart switches is for manageability. With smart switches we can monitor current conditions, upgrade firmware when needed, configure the device for special traffic like phones, printers, public WIFI, and secure WIFI. We typically separate some of these different kinds of data on the network.
Where to route if you route?
Depending on your budget and performance needs you will either route at the firewall on your network or a switch that has the ability to route. Remember firewalls inspect each packet and handles its day job of dealing with all access too and from the internet. If you add routing for internal networks your firewall will have to be configured to do that and will inspect each packet it processes. This works but it requires more resources and will be slower than routing internal traffic thru a switch. On most of our smaller networks routing the internal traffic with the firewall works fine but on a performance oriented network we always route at the switches for internal traffic. Remember the switch does not inspect packets when routing and does the route at normal line speeds thereby increasing network performance. Finally by utilizing “layer 3” switches you allow the firewall to focus on keeping your network safe, and allow the switches to focus on getting data where it needs to go.
I hope this helps you to understand routing on networks
Vincent L. Brannan
President
LiteFoot Technology
5901 Shallowford Road Suite 135
Chattanooga, TN 37421
423-785-6769
423-305-5038
Vince@litefoottech.com