Know and understand common network devices including network interface cards (NIC), hubs, bridges, switches

4. Networks and the Effects of Using Them

Learning Objective

Know and understand the common network devices and concepts required by the Cambridge IGCSE 0417 syllabus, including network interface cards (NIC), hubs, bridges, switches, routers, wireless standards, cloud‑computing basics, network classifications, topologies, environments, security mechanisms and performance metrics.

1. Network Interface Card (NIC)

  • Provides the physical and data‑link connection between a device (PC, printer, smartphone, etc.) and a network.

  • Located on the motherboard or added as an expansion card (PCI‑e, USB, Mini‑PCIe).

  • OSI layers: Layer 1 (Physical) & Layer 2 (Data Link).

  • Contains a unique 48‑bit MAC address (e.g., 00‑1A‑2B‑3C‑4D‑5E).

  • Functions performed by the NIC:

    • Encodes/decodes bits onto the chosen medium (electrical, optical, radio).

    • Frames Ethernet packets, adds a CRC for error detection.

    • Implements flow‑control (pause frames) and, on full‑duplex links, manages simultaneous send/receive.

    • Handles MAC‑address filtering (e.g., static MAC tables in managed NICs).

  • Supported media: copper Ethernet (Cat5e/6/6a), fibre (SFP), Wi‑Fi (802.11), Bluetooth, and sometimes Power‑over‑Ethernet (PoE) reception.

2. Hub

  • Simple multi‑port device that repeats every incoming electrical signal to all other ports.

  • OSI Layer 1 – Physical.

  • Creates one shared collision domain; only one station can transmit successfully at a time.

  • Operates half‑duplex; bandwidth is divided among all ports.

  • Typical legacy use: very small home or classroom networks (≤4 devices).

3. Bridge

  • Connects two separate LAN segments and forwards frames only where needed.

  • OSI Layer 2 – Data Link.

  • Maintains a small MAC‑address table (learning bridge) to decide whether to forward or discard a frame.

  • Creates two separate collision domains (one per segment) but a single broadcast domain.

  • Common historic use: linking Ethernet to a Wi‑Fi segment or joining different cable types.

  • Modern managed switches incorporate bridge functions, so dedicated bridges are rarely used today.

4. Switch

  • Intelligent multi‑port device that forwards frames to the correct destination port.

  • OSI Layer 2 (most models) with optional Layer 3** routing capabilities.

  • Builds a MAC address table (learning switch) and sends frames only to the appropriate port.

  • Each port is its own collision domain, allowing full‑duplex communication.

  • Typical advanced features:

    • VLANs – logical segmentation of a physical LAN.

    • PoE – supplies up to 30 W (or 60 W with IEEE 802.3bt) to IP phones, cameras, APs.

    • Link aggregation (LACP) – combines several ports for higher bandwidth.

    • QoS – prioritises voice or video traffic.

    • Static routing or dynamic protocols (RIP, OSPF) on managed Layer 3 switches.

5. Router

  • Interconnects different networks (e.g., LAN ↔ WAN) and selects the best path for each packet.

  • OSI Layer 3 – Network** (also performs Layer 2 functions such as ARP).

  • Maintains a routing table that maps destination networks to next‑hop interfaces.

  • Performs Network Address Translation (NAT) so many private IP addresses can share a single public address.

  • Typical home router functions:

    • DHCP server – assigns IP addresses.

    • Firewall – filters traffic based on rules.

    • Wi‑Fi access point – 802.11ac/ax.

    • Parental‑control and VPN passthrough.

  • Enterprise routers add advanced protocols (OSPF, BGP), VPN termination, high‑throughput interfaces (10 GbE, 40 GbE) and redundancy (HSRP/VRRP).

6. Wireless Technologies

6.1 Wi‑Fi (IEEE 802.11)

  • Operates at OSI Layer 1 & 2.

  • Key families and typical speeds:

    • 802.11b – 11 Mbps (2.4 GHz).

    • 802.11g – 54 Mbps (2.4 GHz).

    • 802.11n – up to 600 Mbps (2.4 GHz / 5 GHz, MIMO).

    • 802.11ac – up to 3.5 Gbps (5 GHz, MU‑MIMO).

    • 802.11ax (Wi‑Fi 6) – up to 9.6 Gbps, better efficiency in dense environments.

  • Frequency bands:

    • 2.4 GHz – longer range, more interference (microwaves, Bluetooth).

    • 5 GHz – higher throughput, shorter range.

    • 6 GHz (Wi‑Fi 6E) – emerging, very low congestion.

  • Security: WPA2‑PSK (AES) and WPA3‑SAE; MAC‑address filtering is optional but not a primary defence.

6.2 Bluetooth

  • Short‑range wireless standard (up to 100 m for Bluetooth 5.0 with high‑power mode).

  • Operates at OSI Layer 1 & 2.

  • Uses profiles (e.g., A2DP for audio, HID for keyboards, PAN for networking).

  • Security: pairing with PIN/passkey, optional encryption (AES‑CCM).

7. Cloud Computing (Basics)

  • Delivery of computing resources over the Internet on a pay‑as‑you‑go basis.

  • Service models:

    • IaaS – virtual machines, storage, networking (e.g., Amazon EC2, Microsoft Azure VM).

    • PaaS – development platforms, databases (e.g., Google App Engine, Heroku).

    • SaaS – ready‑to‑use applications (e.g., Google Workspace, Microsoft 365).

  • Characteristics: on‑demand self‑service, broad network access, resource pooling, rapid elasticity, measured service.

  • Uses in schools and businesses: file storage, collaborative editing, backup, virtual labs.

  • Issues to consider:

    • Data security & privacy – reliance on provider’s encryption and compliance (GDPR, ISO 27001).

    • Reliability – service‑level agreements (SLAs) and potential downtime.

    • Cost – subscription fees vs capital expenditure.

    • Internet dependence – performance tied to bandwidth and latency.

8. Network Classifications

TypeTypical ScaleCommon MediaCollision Domain(s)Broadcast Domain(s)Example
LAN (Local Area Network)Single building or campusEthernet (Cat5e/6), Wi‑FiOne per switch port (full‑duplex)Usually one (unless VLANs are used)School computer lab
WLAN (Wireless LAN)Same physical area as LAN, but wireless802.11 Wi‑FiEach client shares the medium (CSMA/CA) – logical collision domain per APOne per SSID (or per VLAN)Office Wi‑Fi network
MAN (Metropolitan Area Network)City‑wide (several kilometres)Fibre (single‑mode), microwave linksTypically one per device (full‑duplex)One (or multiple if VLANs are used)City council network
WAN (Wide Area Network)National or globalLeased lines, satellite, MPLS, public InternetOne per interface (full‑duplex)Multiple – each ISP segment is a separate broadcast domain unless bridgedInternet, multinational corporate network
PAN (Personal Area Network)Individual’s immediate vicinity (≤10 m)Bluetooth, Wi‑Fi Direct, InfraredSingle‑hop, no collisions (frequency‑hopping)OneSmartphone paired with a headset

9. Network Topologies

  • Star: All devices connect to a central hub or switch. Easy to manage; failure of a single link affects only that device.

  • Bus: All devices share a single coaxial or twisted‑pair backbone. Used historically with Ethernet 10BASE‑5/2; collisions are common.

  • Ring: Each device connects to two neighbours forming a closed loop; token‑ring (IEEE 802.5) controls access.

  • Mesh: Multiple redundant paths between devices; common in WAN backbones and wireless mesh networks for high reliability.

10. Network Environments

Internet – The global public network that interconnects millions of private, public, academic, business and government networks.

Intranet – A private network restricted to an organisation’s staff; uses the same protocols as the Internet but is isolated from external users.

Extranet – An extension of an intranet that grants limited, controlled access to external partners, suppliers or customers, usually via VPN or secure web portals.

Security note: Intranets and extranets rely heavily on firewalls, VLAN segregation and VPN encryption to protect internal resources.

11. Network Security (Key Mechanisms)

  • Password policies: minimum length (≥8 characters), mix of upper‑/lower‑case, numbers and symbols; regular change (e.g., every 90 days).

  • Firewalls:

    • Packet‑filtering (stateless) – examines source/destination IP, ports, protocol.

    • Stateful inspection – tracks connection state (SYN, ACK) for more accurate filtering.

    • Application‑layer firewalls – can block specific URLs or commands.

  • NAT (Network Address Translation): hides internal private IP addresses behind a single public address, reducing exposure.

  • Encryption:

    • Wi‑Fi – WPA2‑AES or WPA3‑SAE.

    • Web traffic – TLS 1.2/1.3 (HTTPS).

    • VPNs – IPsec, OpenVPN, SSL/TLS tunnels for remote access.

  • Anti‑malware & updates: regular OS and application patches; real‑time antivirus/anti‑spyware.

  • E‑safety: safe browsing, recognising phishing, data‑privacy legislation (GDPR, COPPA).

12. Performance Metrics (with Typical Values)

  • Bandwidth (capacity): maximum data rate a link can carry.

    • Fast Ethernet – 100 Mbps.

    • Gigabit Ethernet – 1 Gbps.

    • 10 GbE – 10 Gbps (often used in data‑centres).

  • Latency (delay): time for a packet to travel from source to destination.

    • Copper Ethernet (Cat5e) – ~0.5 ms for 100 m.

    • Fiber (single‑mode) – ~0.2 ms for 10 km.

    • Satellite link – 500‑700 ms (high latency).

  • Throughput (actual data rate): bandwidth reduced by collisions, protocol overhead, and errors. Example: a 100 Mbps Ethernet LAN may deliver ~94 Mbps TCP throughput under ideal conditions.

  • Jitter: variation in latency; critical for VoIP and video streaming.

13. Physical Media

MediumTypical Max LengthBandwidth / SpeedKey Characteristics
Copper Twisted‑Pair (UTP)Cat5e – 100 m; Cat6 – 100 m (55 m for 10 GbE); Cat6a – 100 m for 10 GbE100 Mbps – 10 GbpsRelatively cheap, susceptible to EMI; shielding (STP) reduces interference.
Copper CoaxialUp to 500 m (10BASE‑2) or 185 m (10BASE‑5)10 Mbps (historical)Thick‑core used for early Ethernet and cable TV; limited today.
Fibre‑OpticSingle‑mode – up to 40 km (with repeaters); Multi‑mode – up to 550 m (OM3/OM4)100 Mbps – 100 Gbps (and beyond)Immune to EMI, very high bandwidth, low latency, higher cost and more fragile.
Wireless Radio2.4 GHz – up to 100 m indoors; 5 GHz – up to 30 m indoors; 60 GHz (Wi‑Gig) – up to 10 mUp to 9.6 Gbps (802.11ax)Convenient, but subject to interference, attenuation and security concerns.

14. Basic Network Troubleshooting Tools

  • Ping: sends ICMP echo requests to test reachability and measure round‑trip time.

  • Traceroute (tracert): shows each hop a packet takes to reach a destination, useful for locating bottlenecks.

  • ipconfig / ifconfig: displays IP configuration of a device.

  • nslookup / dig: queries DNS records.

  • Cable tester / continuity tester: checks physical connectivity and wiring faults.

  • Wireshark (packet analyser): captures and analyses frames to identify protocol errors.

  • Speed test utilities: verify actual bandwidth (e.g., iPerf, online speed‑test sites).

15. Comparison of Common Network Devices

DeviceOSI Layer(s)Primary FunctionCollision DomainBroadcast DomainTypical Use
NIC1 & 2Provides physical & data‑link connectivity for a single endpointOne per device (full‑duplex)Same as the attached network segmentEnd‑point connection to any LAN/WAN
Hub1Repeats incoming electrical signals to all ports (no filtering)All ports share a single domainAll ports share a single domainVery small or legacy networks
Bridge2Filters/forwards frames between two LAN segmentsTwo separate domains (one per segment)One (unless VLANs are used)Connecting dissimilar media; largely replaced by switches
Switch2 (optional 3)Intelligent frame forwarding; supports VLANs, PoE, QoSOne per port (full‑duplex)One per VLAN (default: single broadcast domain)Modern LANs, office, campus and data‑centre networks
Router3 (also handles 2)Routes packets between different networks; NAT, DHCP, firewallEach interface is a separate collision domainOne per interface; routers do not forward Ethernet broadcastsConnecting LAN to WAN/Internet; home and enterprise gateways

16. Key Points to Remember

  1. Every networked device needs a NIC to send and receive frames; the NIC contains a unique MAC address.

  2. Hubs repeat signals to all ports, creating a single collision domain – they are now obsolete.

  3. Bridges split collision domains while keeping a single broadcast domain; modern switches perform this function.

  4. Switches give each port its own collision domain, support full‑duplex, and add VLAN, PoE, QoS and optional Layer 3 routing.

  5. Routers operate at Layer 3, use routing tables, perform NAT and can act as firewalls and DHCP servers.

  6. Wi‑Fi standards (802.11a/b/g/n/ac/ax) differ in speed, frequency band and range; always use WPA3 where possible.

  7. Bluetooth is short‑range and profile‑driven; security relies on pairing and optional encryption.

  8. Cloud computing offers IaaS, PaaS and SaaS; weigh benefits (scalability, cost‑saving) against security and reliability concerns.

  9. Understand the difference between LAN, WLAN, MAN, WAN and PAN, and know how collision and broadcast domains change with each.

  10. Network topologies (star, bus, ring, mesh) affect fault tolerance and cable requirements.

  11. Internet, intranet and extranet each have distinct security needs – firewalls, VPNs and VLANs are common controls.

  12. Security basics: strong passwords, layered firewalls, NAT, encryption (WPA2/WPA3, TLS, IPsec) and regular updates.

  13. Performance is measured by bandwidth, latency, throughput and jitter; the choice of physical media (copper, fibre, wireless) directly influences these figures.

  14. Basic troubleshooting tools (ping, traceroute, ipconfig, cable tester, Wireshark) help locate and resolve network problems quickly.

Suggested diagram: a PC with a NIC connected to a switch; other devices (another PC, a printer, a Wi‑Fi access point) also linked to the switch. Show a hub and a bridge in separate sections for contrast, and a router linking the switch to the Internet.