LearnNetwork
Foundations

A whirlwind tour of network devices

10 min

Before we go deep on each one, let's put faces to names. Every device on this page does one job. Understanding the one job makes the rest of the course easier.

| Device | The one job | Layer | Smarter or dumber than the previous row | |---|---|---|---| | Hub | Repeat every bit it receives out every other port | L1 | (baseline — almost extinct) | | Bridge | Two-port switch precursor; segmented collision domains | L2 | Smarter than a hub | | Switch | Learn MAC addresses; forward frames only where they need to go | L2 | Smarter than a bridge | | Router | Forward packets between different IP networks | L3 | Different job from a switch | | L3 switch | Switch with routing built in; routes between VLANs in hardware | L2 + L3 | A switch that grew up | | Firewall | Inspect traffic and apply security policy (allow / deny / log) | L3-L7 | A router with opinions | | Wireless AP | Bridge wireless clients onto a wired LAN | L1-L2 | A specialised switch | | WLC | Wireless LAN Controller. Centrally manages many APs | n/a | The brain over APs | | Load balancer | Spread traffic across multiple backend servers | L4 or L7 | Application-aware |

Hubs vs switches: the punch line

Hubs are functionally extinct, but you'll be tested on them because they make the contrast with switches obvious. A hub is a dumb repeater: a frame in on any port gets blasted out every other port. Every device in a hub-connected network competes for the same shared medium — one collision domain. As you add devices, performance collapses.

A switch does the same physical job but reads each frame's destination MAC address and forwards it only to the port that leads to that MAC. Each port is its own collision domain. Add more devices → no slowdown.

SW1
A
port 1
AA:AA:AA
B
port 2
BB:BB:BB
C
port 3
CC:CC:CC

MAC table

MACPort
(empty)

What's happening

Click 'Next step' to start.

Router vs switch: the punch line

A switch makes local traffic fast (same broadcast domain). A router moves traffic between broadcast domains using IP addresses. You almost always have both: switches connect hosts on each floor, a router connects the floors to each other and out to the internet.

L3 switches

In practice, "router" and "L3 switch" overlap. An L3 switch is built around a switching fabric (fast, lots of ports) with routing capability bolted on top. A "real" router has fewer ports, slower packet rate per port, but richer routing features and WAN interface options.

Rule of thumb: L3 switches route inside a building or campus. Routers sit at the edge to the WAN.

What about firewalls?

A firewall is a router that says "no" more often. Modern firewalls (NGFWs) inspect Layer 7 (application content) and enforce policy like "users in HR can reach the payroll server but not the lab subnet." They typically sit between zones of different trust — internet ↔ DMZ ↔ inside.

What to remember

  • Each device has one job. Memorise it.
  • Switches operate on MAC; routers operate on IP.
  • Hubs flood; switches learn.
  • An L3 switch is a switch with routing on top; it's often the right answer for inter-VLAN routing inside a building.