Cisco Knowledge Suite Cisco SystemsCisco Press

Cutting Edge
Core Reference
Guided Learning
Networking Architecture
Internet Protocols (IP)
Network Protocols
Transport and Application Protocols
Desktop Protocols
Security and Troubleshooting
Network Resources and Management
Integrated Services

Routers and LANs


Contents Next >

Routers and LANs



LAN Domains



LAN Segmentation



LAN Backbones



WAN Gateway




Save to MyCKS

IP Routing Fundamentals

From: IP Routing Fundamentals
Author: Mark Sportack
Publisher: Cisco Press (53)
More Information

3. Routers and LANs

Although routers are often thought of as wide-area network (WAN) devices, they can be equally useful in local-area networks (LANs). Routers, by virtue of their capability to communicate at both the data link layer and the network layer, can provide LAN administrators with a multitude of options for managing LANs and bolstering their performance.

Some of the many things that a router can do in a LAN environment include segment a LAN's media access and MAC broadcast domains, interconnect different LAN architectures, collapse a LAN's backbone into a single device, and provide a gateway to the WAN. This chapter examines all these LAN-level router functions.

LAN Domains

Before delving into the various roles that routers can play in a LAN, it is necessary to first understand some of the functional aspects of a LAN. This will make it easier to understand the effects that routers have when used in a LAN.

A LAN, at its simplest, is a data communications vehicle that operates at the physical and data link layers of the OSI reference model. LANs support two critical functions:

  • Media access

  • The capability to both address and forward frames of data to other local machines

The key word in the second item is local. The definition of local may change subtly with context: A LAN has boundaries that constrain its capability to perform these two functions. For example, a LAN has a media access domain and a Media Access Control (MAC) broadcast domain. Each domain forms the boundary around a group of local, LAN-attached devices.


Broadcasts can also be performed at the network layer. These broadcasts are bounded by the network layer domain.

The Media Access Domain

A media access domain consists of all the devices connected to a LAN that must share the LAN's bandwidth. The name and nature of this domain depends on the media access methodology employed in a LAN. The two primary methodologies for regulating media access are contention and token passing.

Other media access arbitration techniques exist, but these two account for the vast majority of existing LANs. More importantly, they will adequately demonstrate the differences between a media access domain as well as a MAC broadcast domain.

The Contention Domain

In a LAN that uses contention to arbitrate permission to transmit, such as the various Ethernets, this domain is known as a contention, or collision, domain. These names reflect the fact that this is a competition-based, chaotic, and less-than-perfectly reliable access-arbitration technique.

In essence, any device in the contention domain may begin transmitting if it detects no other traffic on the transmission media. The lack of traffic is presumed to mean an idle LAN. In fact, because transmissions are not instantaneous, silence of the LAN may just mean that a device is transmitting but that transmission hasn't reached all the peripheral devices yet. Therefore, a device may begin transmitting only to have its transmissions collide with another. In such cases, both transmission streams are compromised and must be retransmitted.

In an Ethernet network, regardless of the media type or transmission speed, a contention domain consists of all the devices that must compete for the right to transmit. IEEE-compliant Ethernet LANs can support up to a maximum of 1,024 station devices in a single contention domain. This means that there can be up to 1,024 total devices competing for the right to transmit in an Ethernet contention domain.

The Token-Passing Domain

In LANs that pass tokens to regulate media access, such as Fiber Distributed Data Interface (FDDI) or Token Ring, the media access domain is called the token-passing domain. Media access is arbitrated by passing a token in an orderly, circular fashion between the LAN's peripheral devices. A token is a special pattern of bits that is circulated around the media access domain.

The token can be modified by a LAN-attached device to form the header of a data frame. Without this token, the data frame's header cannot be constructed and there can be no transmission. Recipient peripheral devices copy the data in the frame from the LAN. This device also inverts some of the bits in the frame's header to acknowledge its receipt. The frame is then allowed to continue traversing the ring. When it returns to its originator, that device takes the frame off the network and strips out the data. If that device needs to send more data, it may do so. Otherwise, the header is reconverted back into a token and placed on the transmission media, where it travels to the next device downstream. Although this may seem complicated, token passing is a highly organized and efficient means of arbitrating media access permissions.

In a token-passing LAN, regardless of the media type or transmission speed, a token-passing domain consists of all the devices that pass tokens. Here is where a discontinuity in definitions occurs between Token Ring and FDDI, the two most common token-passing LAN architectures. They enjoy similar media access domain characteristics, but they define device differently.

In a Token Ring network, only the LAN's peripheral devices are counted as devices. The hubs are nothing more than repeaters; they are incapable of modifying token bits. Therefore, they cannot be considered devices in the parlance of this LAN architecture. FDDI, on the other hand, does count hub ports as devices. This has some significant ramifications on the sizes of the media access domains in these two LAN architectures. Token Ring LANs can support up to a maximum of 260 peripheral devices in a single token-passing domain. FDDI can support up to 500 total devices (including hub ports) in its token-passing domain. Therefore, you can connect more peripheral devices to a Token Ring LAN than you can to FDDI.

Additionally, FDDI enables devices to be either single-attached (SA) or dual-attached (DA) to the LAN. These describe the number of connections made to the LAN. DA FDDI, while providing redundancy, effectively doubles the device count in the token-passing domain. Each attached port must be counted as a separate device. Therefore, only 125 DA peripheral devices may be connected to a FDDI LAN.

Expanding Media Access Domains

Many of today's LANs are constructed using repeating hubs. The result is a star-shaped physical topology; peripheral devices are interconnected via a central hub. In other words, their connections to the LAN radiate out from a single point much like the rays of a star. Consequently, the physical topologies of LANs are identical, regardless of their media access methodology.

Figure 3-1 illustrates a media access domain in a star-shaped LAN.


Given the previously described discontinuities in the definition of the term device that exists between Ethernet, Token Ring, and FDDI, the examples in this section apply only to Ethernet, Token Ring, and SA FDDI.

Figure 3-1. A media access domain in a star-shaped LAN.

If a given work environment were to install a second Ethernet hub for a second workgroup, it would have two separate Ethernet LANs. That is, each LAN would be completely autonomous and define its own media access and MAC broadcast domains. Figure 3-2 illustrates this.

Figure 3-2. Two separate LANs, each with its own media access domain.

If the two LANs in Figure 3-2 were to be directly interconnected, the result would be a single LAN. This LAN's media access domain would consist of all the devices that populated the original two LANs. The media access domain would also include the two ports used to interconnect the LANs. Therefore, this consolidated LAN would consolidate all LAN-attached devices into a single media access domain. This is depicted in Figure 3-3.

Figure 3-3. Making one LAN from the original two.

Interconnecting the repeating hubs of LANs, both contention based and token passing, results in a functional consolidation of their media access domains. Depending on the LAN architecture, the expanded media access domain may also have to include the hub ports that were interconnected. This is the only way to expand a media access domain!

Other forms of LAN expansion and LAN-to-LAN interconnection are possible but require additional hardware. This hardware can include LAN switches, bridges, and routers. These devices, however, decrease the size of the media access domain, the MAC broadcast domain, or both. Therefore, they enable the overall size of a LAN to increase without a commensurate increase in the size of its media access or MAC broadcast domains. Such asymmetric expandability is the key to a LAN's scalability. These concepts are examined throughout the remainder of this chapter.

The MAC Broadcast Domain

A MAC broadcast domain consists of all the devices connected to a LAN that receive framed data broadcast by a machine to all other machines on the LAN. The concept of a MAC broadcast is virtually universal throughout all IEEE-compliant LANs, regardless of their media access methodology. Consequently, this chapter examines MAC broadcast domains only in the context of Ethernet LANs.


FDDI is considered an IEEE-compliant LAN, even though it was not created by the IEEE. This is because the IEEE standards are passed to the American National Standards Institute (ANSI) for integration with their national standards. FDDI is an ANSI specification that complies with the ANSI equivalents of the IEEE 802.1 and 802.2 standards. Therefore, FDDI is IEEE compliant.

In essence, a MAC broadcast domain is the set of devices that can communicate directly without requiring higher-layer protocols or addressing. To better illustrate the difference between MAC broadcast and media access domains, compare Figure 3-1 and Figure 3-4.

Figure 3-4. An Ethernet MAC broadcast domain with five devices.

Figure 3-4 uses the same LAN configuration depicted in Figure 3-1, but identifies its MAC broadcast domain rather than the media access domain. The key distinction between MAC broadcast and media access domains will become obvious as the various LAN segmentation mechanisms are examined.

As with the media access domain, adding a second isolated LAN creates a second, fully separate broadcast domain. Figure 3-5 identifies the MAC broadcast domains of the LAN configuration presented in Figure 3-2.

Figure 3-5. Two separate Ethernet MAC broadcast domains.

Interconnecting these LANs in the manner demonstrated in Figure 3-3 results in a single, but larger, MAC broadcast domain. Figure 3-6 illustrates this new broadcast domain.

Figure 3-6. Making one Ethernet LAN and MAC broadcast domain of the original two.

This LAN's MAC broadcast domain consists of all the devices that populated the original two LANs' broadcast domains. In this scenario, any given broadcast message is now propagated across the network to twice as many devices as before. Therein lies the proverbial double-edged sword of LANs with large MAC broadcast domains: They can become quite large due to the segmentation of their media access domains, but suffer from the flatness, or lack of a hierarchy, to their MAC broadcast domain.

The Trouble with Flat LANs

LANs built with a single MAC broadcast domain are known as flat LANs. They are flat because there is no structure or hierarchy to their broadcast domains. The benefit of having a large broadcast domain is that it is extremely easy to reach all the devices that are interconnected on the LAN. The potential danger, also, is that it is extremely easy to reach all the devices on the LAN. The more devices you connect to a flat LAN, the more resources are consumed by each MAC broadcast message. Using the wrong communications protocol (that is, one that makes extensive use of MAC broadcasting) could easily compromise the performance of the network, as well as all the devices that populate it.


MAC broadcasts are performed by setting the destination MAC address of a frame of data to its highest possible value: FF:FF:FF:FF:FF:FF. This reserved address value, when placed in a frame's destination address field, is interpreted by all IEEE-compliant LANs as being addressed to all local machines. Therefore, it is accepted by all machines, regardless of what their actual MAC address is.

This paradox shouldn't be misinterpreted as meaning flat LANs are undesirable. On the contrary! The introduction of LAN switching led to a flattening of LANs. The larger a flat LAN is (in terms of its population), however, the more important it is to segment it. Segmentation is a technique that allows the overall size of a LAN to be expanded, by controlling the sizes of its media access and/or MAC broadcast domains.


Contents Next >

Save to MyCKS


Breaking News

One of the primary architects of OpenCable, Michael Adams, explains the key concepts of this initiative in his book OpenCable Architecture.

Expert Advice

Ralph Droms, Ph.D., author of The DHCP Handbook and chair of the IETF Dynamic Host Configuration Working Group, guides you to his top picks for reliable DHCP-related information.

Just Published

Residential Broadband, Second Edition
by George Abe

Introduces the topics surrounding high-speed networks to the home. It is written for anyone seeking a broad-based familiarity with the issues of residential broadband (RBB) including product developers, engineers, network designers, business people, professionals in legal and regulatory positions, and industry analysts.


From the Brains at InformIT


Contact Us


Copyright, Terms & Conditions


Privacy Policy


© Copyright 2000 InformIT. All rights reserved.