Routing in a Bridged Network
by
Joachim Martillo
Inventor of the VLAN and VLAN Router
President
Telford Tools, Inc.
17 Pleasant Hill Ave.
Boston, MA 02126-2813
(617) 298-4107 (Work)
(617) 298-1745 (FAX)
Stand-alone networking devices which support both routing and intelligent bridging among LANs are increasing their presence and importance in corporate, research, manufacturing and (soon) home networks. In fact, just as more independent developers are acquiring their own LANs, more independent developers are likely to start acquiring, modifying or building their own stand-alone networking devices that both route and bridge data packets. Using, extending or building such devices requires understanding how routing and bridging functionalities can or should interact.
In many cases like DEC Network Architecture (DNA) and in the case of DOD Internetwork Architecture in particular, the coexistence of routing [Note 1] and bridging functionality in a single hybrid bridge router device is conceptually problematic. Implementing DOD IP router (IP gateway) [Note 2] functionality in a device which performs P802.1d Spanning Tree Protocol (STP) MAC bridging requires especial care.
The IEEE document, P802.1d MAC Bridges, makes the following important observation on p. 13.
IEEE 802 Local Area Networks of all types may be connected together with MAC Bridges. Each individual LAN has its own independent MAC. The Bridged Local Area Network created allows the interconnection of stations attached to separate LANS as if they were attached to a single LAN. A MAC Bridge operates below the MAC Service Boundary, and is transparent to protocols operating above this boundary, in the Logical Link Control Sublayer or Network Layer [1].
Essentially and for almost all intents and purposes, a collection of Ethernets connected by such a MAC bridge is a single Ethernet.
Douglas E. Comer, who is a well-respected implementer of computer networks which follow DARPA Internet architectural principles, elucidates the issue of bridged Ethernets in Internetworking with TCP/IP, Volume I, Principles, Protocols, and Architecture, Second Edition. On p. 28, he gives the view of bridged networks from the standpoint of DARPA Internet-style networking.
Because the connection among physical cables provided by bridges and repeaters is transparent to machines using the Ethernet, we think of bridged Ethernets as a single physical network system.
More precisely, a collection or mesh of Ethernet or other LAN technology segments interconnected via MAC bridges comprises an intelligent communications subnet to which end hosts may be attached via the usual Ethernet interfaces. The MAC bridges, as special purpose communications subnet processors, perform the same function for their communications subnet as ARPANET Packet Switch Nodes (PSNs in the general case, formerly called IMPs in ARPANET-specific terminology) perform for the ARPANET communications subnet.
An intelligent communications subnet with communications subnet processors providing the subnet's intelligence is a typical characteristic of Wide Area Networks (WANs) while LANs typically have extremely simple communications subnets like passive coaxial cables. Intelligent bridging technology blurs the distinction between WANs and LANs by creating an intelligent communications subnet from component LANs and MAC bridges acting like PSNs. In the DOD Internet Architecture, a single communications subnet typically corresponds to a single IP subnetwork.
A communications subnet in most networking architectures counts as a single physical network. Unfortunately, in the case of bridged LANs where individual component pieces of the intelligent communications subnet are themselves individual physical (local area) networks, this terminology, albeit unavoidable in the literature, can become rather confusing.
Considering bridged LANs as a single physical network (or -- with less ambiguity -- as a single communications subnet) is an important point because of the internet interconnection principle, which Comer states on p. 55.
In a TCP/IP internet, computers called gateways provide all interconnections among physical networks.
Comer elaborates this idea of interconnection via routers on p. 110.
To understand IP routing completely, we must go back and look at the architecture of a TCP/IP internet. First, recall that an internet is composed of multiple physical networks interconnected by computers called gateways. Each gateway has direct connections to two or more networks. Unlike a gateway, a host usually connects directly to one physical network.
Minimally, an IP router should have interfaces on at least two physical networks (i.e. communications subnets) while a MAC bridge connects separate physical networks so that from the standpoint of the DARPA internet architecture the bridged LANs constitute a single physical network. In some sense, IP routers and P802.1d MAC bridges work at cross purposes. If a single device bridges among a set of interfaces and simultaneously performs IP routing among the same set of interfaces, that device is actually routing packets from a single physical network back onto that single network. Even though as a bridge this device has multiple physical network interfaces, the physical network interfaces are all interfaces to the same communications subnet, and as a router this device has but one logical network interface onto a single IP subnetwork.
To be fair, nothing in DARPA specifications forbids the degenerate case where the physical networks, to which the IP router connects, could be the same, but implementing a hybrid bridge router which can only route from a communications subnet back onto the same communications subnet is conceptually unsatisfactory and defeats the purpose of implementing a router. These considerations imply that implementing a useful hybrid bridge router reasonably and correctly requires serious thought and careful consideration of the essential natures of routers and bridges.
In DARPA internet-style computer networking, routers serve the purpose of finding paths between IP subnetworks. When a computer host needs to transmit an IP packet to another computer host over the internet, the source host determines from the source and destination IP addresses and according to the source host IP subnet mask whether the source and destination IP interfaces attach to the same IP subnetwork. If the IP subnetworks are the same, the source host can presumably transmit the IP packet to the destination host directly without the mediation of a router.
If the IP subnetworks are not the same, the source host transmits the IP packet to an appropriate router which is attached to the same IP subnetwork as the source host interface. Routing the IP packet to the IP subnetwork of the destination host becomes the responsibility of the router. The router strips off source IP subnetwork link layer headers and trailer, modifies the IP headers and forwards the IP packet out the appropriate IP interface to the next IP subnetwork in the IP packet's route. In the forwarding of this IP packet, the router must reencapsulate the IP packet with a new link layer header and trailer. Reencapsulation generally requires resolving the destination IP address to a new physical address on the communications subnet to which the router is forwarding the IP packet.
If the physical network technology is Ethernet, transmitting to the destination host or router attached to the same Ethernet communications subnet as the source host, means resolving the IP address to an Ethernet address via ARP (Address Resolution Protocol) procedures, encapsulating the IP packet within an Ethernet packet and then transmitting the Ethernet packet onto the Ethernet medium.
If the destination host and source host interfaces attach to different IP subnetworks according to their IP addresses and IP subnet masks but really attach to the same communications subnet, these hosts will from the standpoint of the IP protocol software attach to separate IP subnetworks and will not be able to exchange data unless there is a router attached to the same communications subnet which has two IP addresses corresponding to both subnetworks [Note 3]. One of the router IP addresses must correspond to the same IP subnetwork to which the IP address of the source host corresponds, while the other router IP address must correspond to the same IP subnetwork to which the IP address of the destination host corresponds. (Actually, to be completely accurate, there must exist an interface on the router to a subnetwork from which there is a route to the subnetwork to which the destination IP address corresponds.)
Suppose a single communications subnet supports multiple IP subnetworks and the IP software does not support resolving destination IP addresses on any but the source subnetwork. If a source host is to send a packet to a destination on a separate subnetwork on the same communications subnet, the source determines that it must transmit the packet to the IP router. The router receives the packet and then resolves the IP address of the destination and retransmits the IP packet to the destination after the IP packet has been reencapsulated within a new link layer frame.
If the single communications subnet consists of a single LAN segment, this procedure will work but is less than sensible
1. because the router acts as an unnecessary potential single point of failure for pairs of hosts on different IP subnetworks but on a single communications subnet,
2. because the router could restrict bandwidth if the router becomes too busy to route packets at full bandwidth and
3. because the number of packets on the LAN segment increases as the router forwards packets received from the LAN segment back onto the LAN segment.
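The host-side subnet decision and the router's retransmission onto the same wire can be traced with the following added example, which is not part of the original article. The station names, the MAC addresses and the 192.0.2.0/24 documentation addresses are constructed, and the `arp` function is a lookup table standing in for real ARP.

```python
import ipaddress

# Constructed sample: two IP subnetworks (/26 each) configured on ONE LAN
# segment. Every station shares the same wire; MAC addresses are made up.
STATIONS = {
    "hostA":  ("02:00:00:00:00:0a", ["192.0.2.10/26"]),
    "hostB":  ("02:00:00:00:00:0b", ["192.0.2.20/26"]),
    "hostC":  ("02:00:00:00:00:0c", ["192.0.2.70/26"]),
    "router": ("02:00:00:00:00:01", ["192.0.2.1/26", "192.0.2.65/26"]),
}


def interfaces(name):
    """IP interfaces (address plus subnet mask) configured on a station."""
    return [ipaddress.ip_interface(a) for a in STATIONS[name][1]]


def arp(ip):
    """Resolve an IP address to the MAC of the station owning it (ARP stand-in)."""
    for mac, addrs in STATIONS.values():
        if any(ipaddress.ip_interface(a).ip == ip for a in addrs):
            return mac
    return None


def next_hop(sender, dst_ip, router="router"):
    """Next-hop IP as decided by the sender from its own address and mask.

    The destination itself if it lies inside one of the sender's
    subnetworks, otherwise a router address inside the sender's subnetwork.
    """
    for iface in interfaces(sender):
        if dst_ip in iface.network:
            return dst_ip
    if router in STATIONS and sender != router:
        for r in interfaces(router):
            if any(r.ip in i.network for i in interfaces(sender)):
                return r.ip
    return None  # no direct delivery and no router on the sender's subnetwork


def frames_on_segment(src, dst, router="router"):
    """Link-layer frames (source MAC, destination MAC) seen on the shared wire."""
    dst_ip = interfaces(dst)[0].ip
    frames, sender = [], src
    while True:
        hop = next_hop(sender, dst_ip, router)
        if hop is None:
            return None
        frames.append((STATIONS[sender][0], arp(hop)))
        if hop == dst_ip:
            return frames
        sender = router  # the router reencapsulates and transmits again


if __name__ == "__main__":
    print("A -> B:", frames_on_segment("hostA", "hostB"))
    print("A -> C:", frames_on_segment("hostA", "hostC"))
    print("A -> C, no router:", frames_on_segment("hostA", "hostC", router=None))
```

Same-subnetwork delivery puts one frame on the segment, cross-subnetwork delivery puts two frames on the same segment, and without the two-address router the hosts cannot reach each other although they share a wire.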
Routing from a communications subnet back onto itself makes more sense when the communications subnet consists of bridged LAN segments, but in any less than trivial topology, the problem of configuring bridging and routing functionalities compatibly yet quickly becomes so complex as to be completely intractable [Note 4].
Routers are most useful in networks which consist of multiple physical networks of different technologies where they actually perform a protocol conversion at the link layer via deencapsulation and reencapsulation [Note 5].
Yet, if the physical networks are of the same technology type, deencapsulation and reencapsulation represent wasted computer cycles because the router is performing a protocol conversion from a link layer protocol back to the same link layer protocol. Such wasted overhead increases the cost of routers because in order to obtain high throughput, a router might need an expensive microprocessor and associated hardware to provide the extra computation power which the router would be free to waste in unnecessary overhead. Still, network designers have found that routers can in some cases serve usefully as an interconnection technique even when all physical networks are the same type.
Routers can reduce contention between transmitters in some multidrop technologies like Ethernet. If a single Ethernet segment connects hosts, one host's transmission may block or collide with the transmission of other hosts. If a router connects several Ethernet segments, the transmissions of a host on one Ethernet segment will neither block nor collide with the transmissions of hosts on other Ethernet segments. Routers may also improve performance in an alternative case. If a router interconnects multiple LAN segments, if each LAN segment connected by the router corresponds to a single IP subnetwork and if a host on one LAN segment is only communicating with peers on its own LAN segment, the router does not forward the packets from that host's LAN segment to the LAN segments which correspond to other IP subnetworks. In this way, routers can reduce contention and increase the effective bandwidth of some technologies (viz Figure 1).
Figure 1. Routers Reduce Contention.
Unfortunately, traffic lossage can accompany contention reduction.
1. If a router has M + N identical interfaces,
2. if the router routes traffic from M incoming interfaces to N outgoing interfaces,
3. if the total incoming traffic for the M incoming interfaces is greater than the smaller of the maximum possible aggregate bandwidth on the N outgoing interfaces or the maximum bandwidth through the router and
4. if the data rates are sustained long enough (beyond the internal buffering capability of the router),
eventually the router will drop packets no matter how much buffer capacity the router has (viz Figure 2).
Figure 2. Traffic Lossage.
Even on a two interface router, where both interfaces run at the same speed, such traffic lossage can occur because wire-speed routing is rarely a feature of IP routers (viz Figure 3) unless the router uses quite costly hardware. As a consequence, even with contention reduction the maximum data rates for communication between hosts can drop tremendously when pairs of communicating hosts attach to different LAN segments joined by an IP router.
Figure 3. Traffic Lossage on a Slow Dual Interface Router.
Despite their expense, using high-performance wire-speed routers to interconnect IP subnetworks may be economically reasonable because their use in a judiciously designed and interconnected network could obviate the need to recable for more expensive transmissions media. In most cases, a need for higher bandwidth technologies like FDDI appears when aggregate bandwidth exceeds the carrying capabilities of lower speed technologies currently in use. Except perhaps for massive file servers, data base servers, supercomputers collecting or generating data for some real time applications, some image processing systems and some other special devices, a single host rarely has need for the total bandwidth of technologies like FDDI. Judicious network design, which properly divides traffic flow, could avoid the need for aggregate bandwidths comparable to FDDI bandwidths on any link or might confine the need for such bandwidth to internal router busses where providing even larger bandwidths than FDDI provides is much less costly.
If budgetary limitations argue against the purchase of high performance wire-speed routers and if traffic between networks requires less than maximum data rates, the potential communications bottleneck, which a router may cause, may be a less important consideration of network design than the following benefits which all IP routers provide.
1. Highly redundant interconnection of IP subnetworks via multiple IP routers can provide many alternate routes within a network so that if a router or link becomes inoperative, alternate routes through the network may still be available (viz
2. IP routers act as firewalls between IP subnetworks by isolating some sorts of network anomalies like broadcast storms (viz Figure 5).
Figure 4. Redundant Connectivity in a Network Connected by LAN Segments.
IP routers can act as firewalls against link layer and physical layer anomalies because packets are only forwarded by a router from one physical network to another physical network when fairly restrictive conditions are met and because interconnection via routers maintains the electrical isolation of separate communications subnets.
Figure 5. Routers as Firewalls.
P802.1d MAC bridges serve the purpose of finding paths between the hosts attached to the LAN segments which the MAC bridges connect. Because a bridged collection of LAN segments comprises a single communications subnet, the MAC bridges actually address the problem of providing paths between hosts attached to different communications links in such a way that a single communications subnet is created. MAC bridges address precisely the same problem which packet switches address in an intelligent switching fabric communications subnet. MAC bridges and the LAN segments which connect them comprise an updated and advanced version of switching fabric communications subnets. In a sense, MAC bridges are new and improved versions of old-fashioned PSNs like ARPANET IMPs or DECNET Level 1 routers while LAN segments are advanced versions of the serial links which interconnected PSNs or connected PSNs to end hosts.
The MAC bridging approach of building switching fabric communications subnets from MAC bridges and LAN segments is superior to the original ARPANET or DECNET approaches to construction of communications subnets for the following reasons [Note 7].
1. Ethernet is a much simpler and much faster access technology than the original ARPANET or DECNET packet switch access technologies.
2. P802.1d bridges are much more transparent to network end hosts than ARPANET IMPs or DECNET Level 1 Routers in that end hosts have no awareness whatsoever of their interaction with the MAC bridges and in that a MAC bridge within the communications subnet can be temporarily replaced by a passive LAN segment at any time if there is a need and if degraded performance can be tolerated [
3. Ethernet is a much more flexible access technology than the original ARPANET or DECNET packet switch access technologies in that the Ethernet can provide either multidrop or point-to-point access to the MAC bridge packet switch according to networking needs.
Switching fabric communications subnets off-load onto PSNs the work of moving and routing packets between hosts. Such off-loading is a desirable feature of a communications technology because computer cycles lost to the overhead of communications processing are unavailable for other applications which run on the end host. Because early computers often barely had enough computational capacity for their main work, most early communications technologies and almost all current wide area technologies are designed to remove as much of the computer networking overhead from end hosts as possible.
Unfortunately, in the early days of computer networking, both processors and memories were expensive, software engineering techniques were much less developed and implementers did not have as good an understanding of software and hardware issues as we do today. As a consequence, early communications subnets tended to be quite expensive, were prone to flakiness and provided less performance than desired especially in relationship to the cost of the technology.
In the next attempt at providing good computer networking technologies, designers switched in many cases to LAN technologies consisting of passive broadcast communications subnets consisting of serial busses like coaxial cables or similar technologies and replaced packet switches with host-resident network controllers. These host-resident network controllers arbitrate access to the serial bus and act as packet filters which used simple hardware filtering strategies rather than complex software packet switching strategies.
A LAN system consisting of a serial bus, some number of attached computers and LAN controllers, which perform packet filtering and which arbitrate access to the bus, is a NORMA (NO Remote Memory Access) message passing multiprocessor parallel computer system [Note 9]. Potentially, many problems which can be solved on a parallel processing supercomputer are amenable to solution at much less cost through the use of ordinary computers connected to a LAN. If solving such a problem requires more computer power executing in parallel than is possible on a single LAN segment, concentrators are available for Ethernet LANs which are bus extenders and which act as sophisticated repeater devices. Concentrators obviate the problems of signal degradation and late collision from which overly long Ethernets suffer.
LANs have proven themselves to be excellent price-performers on a wide range of parallel processing and computer networking tasks in comparison with more tightly coupled parallel computation systems and with earlier attempts at packet switching communications subnets. Yet, compared with parallel multiprocessor computer systems, LANs suffer a disadvantage in using a serial bus rather than a parallel bus. Also, LANs lack the hardware optimizations commonly found in message-passing parallel multiprocessor computers. Moreover, the usual LAN procedure of broadcasting all packets to all end hosts and filtering at the end hosts is an inherently low performance architecture especially because of the relatively slow serial nature of typical LAN busses [Note 10].
With the goal of improving LAN performance against the low-performance characteristics of LAN technology, network system designers eventually ended up revisiting (perhaps unconsciously) via bridging techniques the earlier intelligent switching fabric communications subnet architectures. The use of LAN technologies as components of a new type of intelligent communications subnet has become reasonable for the following reasons.
1. LAN technologies have matured, increased in reliability and have decreased so much in expense that it makes sense to use LAN technologies as access technologies to packet switches.
2. The software problem of packet switching and large software system development in general is better understood nowadays.
3. Software and hardware tools have improved immensely since the early days of packet switched network development.
4. Memories and microprocessors have steadily decreased in price as their packages have shrunken and as the power of microprocessors has increased.
5. Interconnectivity requirements have grown, but many protocol suites do not provide internetworking capabilities.
Early attempts at constructing such communications subnets with Ethernet segments substituted devices like simple bridges, simple hubs, smart bridges or smart hubs in place of repeaters. Two-interface simple bridges and multiple-interface simple hubs (henceforth denominated collectively as simple hubs -- note that hub when applied to token ring networks has a slightly different meaning) receive frames into memory and forward them out the other interfaces without the overhead of deencapsulation and reencapsulation. Two-interface smart bridges and multiple-interface smart hubs (henceforth denominated collectively as smart hubs) receive frames into memory, learn the source addresses to build an associative address map between interface and physical address, forward frames with unknown destination, broadcast and multicast addresses out all interfaces and forward frames with destination physical addresses known in the address map out the associated physical interface [Note 11].
Simple hubs behave like repeaters except for the following differences.
1. Simple hubs provide more electrical isolation of attached LAN segments than repeaters often provide and can filter out some aberrant frames (e.g. frames with bad CRC) which repeaters generally repeat.
2. A simple hub can reduce contention because hosts attached to different LAN segments can transmit packets at the same time.
If the simple hub forwards at wire speed, the internal buffering of simple hubs increases the effective bandwidth of a network because at any instant the total number of frames in the process of being transceived is the total number of frames on the transmission line plus the total number of frames stored in the smart hubs' memory. This effect is sometimes called "the equivalence of memory and bandwidth."
Smart hubs like simple hubs often forward packets at wire-speeds. But smart hubs can increase effective bandwidth even more than simple hubs. If the smart hub has learned the location of all hosts actively transceiving on the attached LAN segments, if the smart hub has N physical interfaces, I(n), n = 1..N, and N physical interfaces, O(n), n = 1..N, if there is a single host attached to each such interface, if host HI(n) is transmitting to HO(n) at maximum bandwidth and if the smart hub has sufficient computational power to sustain wire-speed forwarding, the total aggregate bandwidth of this configuration is N * 10 Mbps or 10 Mbps per receiver.
If a multiport repeater were to replace the smart hub, the total aggregate bandwidth of the alternative repeater-based configuration would be approximately 3 Mbps [Note 12] or 3 Mbps/N per receiver (viz Figure 6).
Figure 6. Hubs increase aggregate bandwidth.
A simple hub because of internal buffering would have a slightly higher effective bandwidth than a multiport transceiver but would achieve nothing near the type of bandwidth increase which a smart hub can supply. Connecting LAN segments with smart hubs capable of wire-speed bridging can reduce contention and increase effective bandwidth at a relatively low cost because smart hubs lack the overhead of deencapsulation and reencapsulation. Smart hubs have the same lossage problem as routers have when aggregate incoming bandwidth on M interfaces directed towards N outgoing interfaces exceeds the maximum possible aggregate bandwidth on the outgoing interfaces.
While connecting hosts to smart hubs in most LAN environments has many benefits over stringing hosts together via a long cable snaked through a building, smart hubs cannot provide the ability to build complex network topologies which can provide fault tolerance through redundant links and paths between hosts. A redundant link or alternate path in a hubbed network would create a routing loop within which frames would circulate forever. Some topologies could cause frames to replicate at geometric rates (viz Figure 7) until network "meltdown" occurs.
Figure 7. A "meltdown" topology for smart hubs.
P802.1d STP MAC bridging procedures provide a solution to this problem [Note 13] of providing redundant links without creating routing loops. MAC bridges provide all the capabilities of smart hubs and much more. If MAC bridges and LAN links connect to form a highly redundant topology such that between any two MAC bridges there are many possible paths which pass through many different MAC bridges and LAN links, the end hosts may still be able to reach one another in the event of LAN link or MAC bridge failure [Note 14]. While P802.1d STP MAC bridging theoretically enables transparent bridging between all the IEEE 802.x technologies, different bit ordering and data rates make applying transparent P802.1d MAC bridging between different types of LAN technologies a far from trivial problem.
P802.1d applies graph theory to the problem of finding transit paths for frames in a communications subnet. P802.1d applies a spanning tree algorithm to the graph which is topologically equivalent to the actual physical network of MAC bridges and LAN segments. The nodes of this graph are the bridges and the LAN segments (viz Figure 8) i.e. each actual physical bus, either an internal MAC bridge bus or a LAN segment bus is a node on the graph. The weighted arcs of the graph correspond to the ports [Note 15] which connect bridges to LAN segments.
Figure 8. Network to Graph Correspondence.
The P802.1d spanning tree procedure enables bridges to block the bridging of LAN frames on algorithmically determined bridge ports. This blocking has the effect of removing redundant paths in the simply but redundantly connected graph which has connections topologically equivalent to the actual physical network of MAC bridges and LAN segments (viz Figure 9).
Figure 9. Physical and Active Topologies.
The active network topology provided by the spanning tree procedure possesses no routing loops, and this topology provides exactly one path between any two end hosts no matter to which LAN segment either of the end hosts is connected.
Once an active spanning tree topology has established itself on an actual physical topology, the MAC bridges just like smart hubs learn which bridge ports lead to which end hosts by building address tables which associate a received frame's source MAC address with the port in forwarding state on which the bridge received the frame [Note 16]. When a bridge forwards a frame, the bridge looks up the destination MAC address in this table. If the bridge finds the destination address in the table, the bridge forwards the frame out the port associated with this address. Otherwise, the bridge forwards the packet out all forwarding ports whose filtering/forwarding restrictions, if any, the frame meets.
When filtering/forwarding restrictions are absent and the destination MAC address is an unknown or broadcast MAC address, the frame will be forwarded along all spanning tree paths to all end hosts. While consuming bandwidth, this broadcast is harmless because packet filtering at end hosts can permit all but the destination end host to discard the received frame. If the destination MAC address is a known MAC address, the frame travels along the unique spanning tree path from the source to the destination without any transmission onto any LAN segments outside the path. In this way, LANs connected by MAC bridges appear to end hosts as single LANs, and the MAC bridges act as a sort of "glue" which sticks LAN segments together.
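The following added example, which is not part of the original article, ties together port blocking, address learning and flooding on a redundant topology, and contrasts it with the same topology when no port is blocked. The bridge and segment names and the hosts X and Y are constructed, and a plain breadth-first search stands in for the actual P802.1d protocol exchange, so the particular port it blocks may differ from the one a real bridge would choose.

```python
from collections import deque

# Constructed topology: each bridge lists the LAN segments its ports attach to.
# B1, B2 and B3 form a redundant loop over LAN-A, LAN-B and LAN-C.
TOPOLOGY = {
    "B1": ["LAN-A", "LAN-B"],
    "B2": ["LAN-B", "LAN-C"],
    "B3": ["LAN-A", "LAN-C"],
    "B4": ["LAN-A", "LAN-D"],
}


def all_ports(topology):
    return {(b, s) for b, segs in topology.items() for s in segs}


def spanning_tree_ports(topology):
    """Ports (bridge, segment) left in forwarding state.

    Simplification: a breadth-first search from the lowest-named bridge over
    the bridge/segment graph stands in for the P802.1d protocol exchange.
    """
    attached = {}
    for bridge, segs in topology.items():
        for seg in segs:
            attached.setdefault(seg, []).append(bridge)
    root = min(topology)
    seen, forwarding, queue = {root}, set(), deque([root])
    while queue:
        node = queue.popleft()
        is_bridge = node in topology
        for nxt in sorted(topology[node] if is_bridge else attached[node]):
            if nxt not in seen:
                seen.add(nxt)
                forwarding.add((node, nxt) if is_bridge else (nxt, node))
                queue.append(nxt)
    return forwarding


class Bridge:
    def __init__(self, name, segments):
        self.name = name
        self.segments = segments   # segments reached through forwarding ports
        self.table = {}            # learned: source MAC -> segment

    def receive(self, src, dst, in_seg):
        """Learn the source, then return the segments to forward onto."""
        self.table[src] = in_seg
        out = self.table.get(dst)
        if out is None:                      # unknown destination: flood
            return [s for s in self.segments if s != in_seg]
        return [] if out == in_seg else [out]


def build(topology, ports):
    return [Bridge(b, [s for s in segs if (b, s) in ports])
            for b, segs in sorted(topology.items())]


def send(bridges, src, dst, seg, hop_limit=8):
    """Count transmissions per segment for one frame injected on `seg`.

    hop_limit only stops the simulation; real LAN frames carry no hop count.
    """
    counts, queue = {}, deque([(seg, None, 0)])
    while queue:
        seg, sender, hops = queue.popleft()
        counts[seg] = counts.get(seg, 0) + 1
        if hops == hop_limit:
            continue
        for br in bridges:
            if br.name != sender and seg in br.segments:
                for out in br.receive(src, dst, seg):
                    queue.append((out, br.name, hops + 1))
    return counts


def demo():
    ports = spanning_tree_ports(TOPOLOGY)
    tree = build(TOPOLOGY, ports)
    results = {
        "blocked": all_ports(TOPOLOGY) - ports,
        "flood": send(tree, "X", "Y", "LAN-B"),    # Y not yet learned
        "reply": send(tree, "Y", "X", "LAN-C"),    # X already learned
        "known": send(tree, "X", "Y", "LAN-B"),    # both learned
    }
    looped = build(TOPOLOGY, all_ports(TOPOLOGY))   # no port blocked
    results["loop"] = send(looped, "X", "Y", "LAN-B")
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

With one port blocked, the first frame reaches every segment exactly once and later frames stay on the unique path between X and Y; with no port blocked, the same frame keeps reappearing on the looped segments until the simulation's hop limit stops it.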
IV. Contrasting Bridges and Routers
Dogmatic IP partisans may consider such "glue" architecturally inelegant, assert that IP routers are an architecturally superior alternative to MAC bridges and that sophisticated computer networks should be built only with routers. This assertion relies more on ignorance of networking principles and basic economics than on any true insight [Note 17]. The categories of routers and bridges in the computer network hierarchy are exactly analogous to the categories of toll switches and local office switches in the telephone network hierarchy.
Just as toll switches and local office switches carry out exactly the same circuit switching function albeit at different hierarchical levels, routers and bridges perform exactly the same packet switching function albeit at different hierarchical levels. Thus, the distinction between routers and bridges is purely terminological [Note 18]. In fact, arguing the superiority of bridging versus routing indicates a complete lack of understanding and is about as awesomely silly as arguing the relative merits of toll switching versus local office switching.
Just as building a telephone network from toll and local office switches requires attention to the appropriate position of each device in the hierarchy, building a computer network from routers and bridges requires exactly the same sort of attention. And just as toll and local office switching functions can reside in a single device, a single computer network device can host routing and bridging functions simultaneously.
Of course, just as blindly mixing toll and local switching office functions relative to local loops and trunk lines would make no sense in a telephone network, combining routing and bridging functions without due attention to the nature of computer network architectural principles might have the potential to completely mess up a computer network.
In ISO OSI Reference Model terminology, a router is a network layer or layer 3 device while a bridge is a link layer or layer 2 device. In DOD Internet Architecture terminology, a router is an IP layer device while a bridge is a communications subnet device. As devices of different protocol layers, bridges and routers interoperate by being transparent to one another. To be specific, a bridge forwards a frame to a router just as it would forward a frame to any other device attached to the same communications subnet, and a router will always transmit a frame in the same way even if the frame is to be forwarded by a bridge [Note 19].
Routers and bridges are transparent to one another because routing and bridging functionalities are "orthogonal" to one another. Routers mediate inter-network path selection within an internet while bridges mediate inter-host path selection within a communications subnet. Despite the orthogonality of routing and bridging functionality, if routers and end hosts are correctly configured and if all network traffic is routable, stand-alone routers could replace all stand-alone bridges in a network to create a routed network with exactly the same connectivity as the bridged network.
If the routers were sufficiently powerful, the routers could provide the same contention reduction, higher effective bandwidth and increased network availability via redundant connectivity which bridges provide. In fact, since routable packets have to meet much stricter criteria of correctness for routing than bridgeable frames have to meet for bridging, single-protocol routers can potentially provide much stronger firewalls against network anomalies than bridges ever can.
Of course, routing might not be available for all the traffic supported in the bridged network, and routers which can route at wire-speed will use tremendously more expensive hardware and cost tremendously more than a wire-speed bridge. Even if these two drawbacks happen to be of lesser importance than the need to replace a single WAN with multiple LANs, reconfiguring a single subnetwork to be multiple subnetworks can easily be a nightmare. By comparison with routers, bridges are essentially "shrink-wrap" interconnection devices. A P802.1d MAC bridge right out of the packing box can generally provide such connectivity between separate LAN segments of the same IEEE 802 technology without configuration [
Note 20]. For simplicity and price performance in basic connectivity, nothing can beat bridges. In interconnecting physical networks of different technologies or where there is a need for extremely strong firewalls, routers will generally be the device of choice. To handle all possible needs, the optimum dream device for building complex networks is a hybrid bridge router which supports multiple technologies and which supports flexible configuration so that the device can route and bridge between interfaces according to the network exigencies.
Because bridges as communications subnet devices function at an architectural layer invisible to end hosts, MAC bridges unlike IP routers need not have network addresses and interbridge traffic is conceptually "out of band" from the data traffic which MAC bridges switch. Yet, because MAC bridges can be fairly powerful computers and because remote management of MAC bridges in complex networks is desirable or even necessary, many modern MAC bridges support end host functionality, are assigned network addresses, support management functionality as provided by protocols like SNMP and sometimes even support remote terminal functionality as provided by protocols like TELNET.
Such network end host functionality is logically independent of MAC bridging, but when present MAC bridges can provide the remote access functionality which is almost always found built into IP routers because IP routers always have network addresses. The Telford VLAN router products implement this functionality through a logical MAC bridging port to which the internal network end host functionality attaches. The host functionality has its own IP and physical addresses on this port, and Ethernet frames with this physical address as a destination address are forwarded to this port.
In this case, the MAC bridge circuitry is performing interworking between the external LAN busses and the internal MAC bridge bus, and the LAN addressing logic has been implemented in software on top of the actual physical internal bus. Alternatively, LAN-style bus addressing could have been implemented as part of the internal MAC bridge bus, and the software logic could have migrated to the hardware. In either case, this sort of external-to-internal bus interworking suggests perhaps the most creative use of MAC bridging technology.
Telford communications products use external-to-internal bus interworking to deliver bandwidth to an end host functionality far in excess of the Ethernet 10 Mbps maximum. The built-in end host functionality actually interfaces directly to the internal 120 Mbps bus. Because MAC bridging is invisible to the network layer, the MAC bridging functionality provides completely transparent internal-to-external LAN bus interworking for the use of the internal network end host functionality. In some network topologies, this interworking can provide the end host functionality of the Telford Classic VLAN Router (a high performance intelligent WAN LAN bridge router supporting 8 Ethernet interfaces and three WAN interfaces) with an effective network interface of a full 80 Mbps aggregate bandwidth.
In alternative physical topology configurations, some of this bandwidth can be used for redundant links to increase the probability of network connectivity even if an individual link or MAC bridge within the communications subnet should fail. The high bandwidths and redundancy capabilities which MAC bridges provide become much more interesting when the MAC bridge is implemented in the Ethernet controller which is resident in an end host like a VME bus SUN or a Novell file server [
Note 21]. While an Ethernet controller which contains a multiport MAC bridge (an Etherbridge controller or -- in the general case -- a LANbridge controller) cannot provide precisely all the functionality which an FDDI interface might provide, in most cases such a controller provides all the functionality which is important at less cost for the controller and with no cost to recable for FDDI.
The redundant connectivity capabilities of an Etherbridge controller are superior to the redundancy capabilities of FDDI. Etherbridge controller capabilities simplify the problem of creating fault tolerant network topologies which guarantee fault tolerance in the case of the failure of any single link, stand-alone bridge or stand-alone router. To provide an end host network connectivity despite the failure of any single link through the use of ordinary Ethernet controllers on end hosts which support no MAC bridging functionality, the host must be multihomed [
Note 22]. Transparent recovery from link or bridge failure could require extensive rewriting of network and application level software because the rethreading of sessions from one network interwork interface to another is a non-trivial operation in most protocol architectures. An Etherbridge controller could automatically switch over to a redundant link in the case of link failure. Since the switchover takes place at the MAC layer, the network layer would never even notice [Note 23].
The Telford solution provides a capability which no simple FDDI approach to high bandwidth connectivity provides [
Note 24]. An Ethernet controller which supports hybrid bridging routing would contain an outboard router functionality [Note 25]. A host using such a controller would communicate with this outboard router at the full bandwidth of the controller card's internal bus. The hybrid bridge router on the controller card has the potential to improve the performance of well designed networks in terms of either bandwidth or availability via redundant fault tolerance. Performance increases of at least an order of magnitude should be obtainable without a comparable increase in cost.
V. Disjoint Functionality Hybrid Bridge Routers
The logically simplest form of multiport hybrid bridge router supports both bridging and routing functionality disjointly. Physical ports are allocated either to the internal router(s) or to the internal bridge(s) exclusively. Single-unit disjoint functionality hybrid bridge routers offer little in comparison with separate pure routers and pure bridges except that
1) they may save money and space by having a single box for bridging and routing and
2) the ability to configure which ports perform bridging and which ports perform routing is a useful sort of flexibility which pure routers and pure bridges by definition cannot provide.
VI. Parallel Router Filtering Bridge Architecture for Hybrid Bridge Routers
More sophisticated hybridization of bridging and routing would involve providing a method whereby a single port can provide access to both the bridging and routing functionalities. Routing the routable network traffic and leaving the rest of the traffic for bridging is perhaps the most obvious way to implement a hybrid bridge router which combines routing and bridging functionality more intimately.
Such an hybrid architecture makes sense if an unroutable protocol like LAT must be bridged across several LAN segments while all other protocols carried within the link layer are to be routed across the LAN segments. From the standpoint of LAT the LAN segments would have to constitute a single communications subnet while from the standpoint of the other protocols the LAN segments must correspond to separate communications subnets.
This methodology of routing and bridging in parallel across the same set of LAN segments corresponds to a parallel router filtering bridge architecture. An hybrid bridge router with this architecture is equivalent to connecting in parallel a router which routes the routed traffic and a bridge which filters out the routed traffic and bridges the remainder of the traffic (viz Figure 10).
Figure 10. Parallel Router Filtering Bridge.
Filtering is a useful technique at all protocol layers in the construction of sophisticated computer networks when there is a need to prevent certain traffic from traversing some portion of a network, to stop some traffic from reaching some portion of a network, to block some traffic from reaching some hosts or to block communication among some set of hosts. Unfortunately, there are insurmountable configuration and reachability problems for this type of hybrid bridge router with respect to any but the simplest topologies when such a device tries to use filtering to provide sufficient separation between bridged LAN segments so that the device can route some traffic between subnetworks which correspond to apparently separate communications subnets while the device bridges some traffic among the very same LAN segments which compose the apparently separate communications subnets.
The following example elucidates the problem (viz Figure 11).
Figure 11. Routing/Bridging Conflict.
1. Suppose three LAN segments (L1, L2 and L3) connect three MAC bridges (B1, B2 and B3) in a triangular configuration to provide redundancy.
2. Suppose that B1 routes IP traffic between LAN L1 and LAN L2 while bridging LAT traffic.
3. Suppose IP subnetwork 1 (S1) corresponds to LAN L1 while IP subnetwork 2 (S2) corresponds to the bridged network consisting of LAN L2, MAC bridge B2 and LAN L3.
If the port from B3 to L3 blocks, the configuration works correctly. If the port from MAC bridge B2 to LAN L2 blocks, the configuration is broken and subnetwork S2 IP hosts on LAN L2 will be unable to communicate with subnetwork S2 IP hosts on LAN L3.
In this particularly simple topology, keeping the network layer configuration compatible with the MAC layer bridge priority and port cost configurations is an annoying but less than insuperable management problem. Unfortunately, for almost any topology of greater complexity, the problem of maintaining compatible configurations is daunting if not impossible. Even if a network administrator has established a compatible MAC layer/network layer configuration for a complex topology, minor purposeful topology changes might break the configuration, or -- even worse -- someone might for some perfectly legitimate reason connect a MAC bridge of unspecified configuration across a set of LAN segments and break the configuration beyond repair. Determining the root cause of such connectivity breakdowns could be extremely difficult especially
1. because connectivity breakdowns can occur for many reasons besides incompatible configuration,
2. because the problem might not appear immediately and
3. because the relationship between the topology change and the connectivity breakdown might be non-obvious.
Parallel router filtering bridges have an even more serious drawback than the difficulty or complexity of establishing compatible MAC layer/network layer configurations. Routers are often used precisely because they can provide a sort of firewall against network anomalies. In the simple example of a hybrid bridge router which bridges LAT traffic and which routes all other traffic, an insane LAT box would wipe out the whole network.
An even trickier problem in the case of P802.1d MAC bridges lies in handling spanning tree PDUs (Protocol Data Units). Filtering out spanning tree PDUs could reasonably be part of creating apparently separate communications subnets because if such PDUs were accepted and processed by the hybrid bridge router and if somewhere in the bridge network bogus spanning tree PDUs were appearing, the hybrid bridge router would propagate rather than isolate the network anomaly which such bogus PDUs would cause. Unfortunately, if the P802.1d MAC bridge discards the spanning tree PDUs at the receive port before processing, the logic of P802.1d MAC bridging forces that port into the forwarding state. If ports, which should block, instead enter forwarding, the bridged network will suffer routing loops and will eventually "melt down" or fail miserably.
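The Figure 11 conflict and the loop that results when no port blocks can both be checked with a small model of the triangle. This is an added example, not code from the article or from Telford; it assumes B3 joins L3 and L1 (as the triangular configuration implies), and the table and function names are hypothetical.

```python
# Constructed model of the Figure 11 triangle.
# Assumption: B1 joins L1-L2, B2 joins L2-L3, B3 joins L3-L1.
BRIDGES = {"B1": ("L1", "L2"), "B2": ("L2", "L3"), "B3": ("L3", "L1")}
SEGMENTS = ("L1", "L2", "L3")

# Protocols each device bridges. B1 routes IP, so its bridge filters IP frames.
BRIDGED = {"B1": {"LAT"}, "B2": {"LAT", "IP"}, "B3": {"LAT", "IP"}}

# IP subnetworks as configured in step 3 of the example.
SUBNETS = {"S1": {"L1"}, "S2": {"L2", "L3"}}


def bridged_domains(protocol, blocked):
    """Return (domains, loop) for frames of one protocol.

    blocked: set of (bridge, segment) ports in the STP blocking state.
    domains: set of frozensets of segments that exchange frames of `protocol`
             purely by bridging.
    loop:    True when a forwarding bridge closes a cycle in the bridged graph.
    """
    parent = {seg: seg for seg in SEGMENTS}

    def find(seg):
        while parent[seg] != seg:
            parent[seg] = parent[parent[seg]]
            seg = parent[seg]
        return seg

    loop = False
    for bridge, (a, b) in BRIDGES.items():
        if protocol not in BRIDGED[bridge]:
            continue  # this device filters the protocol out of its bridge
        if (bridge, a) in blocked or (bridge, b) in blocked:
            continue  # a blocked port forwards no data frames
        root_a, root_b = find(a), find(b)
        if root_a == root_b:
            loop = True  # both segments already joined: this bridge closes a ring
        else:
            parent[root_a] = root_b

    groups = {}
    for seg in SEGMENTS:
        groups.setdefault(find(seg), set()).add(seg)
    return {frozenset(g) for g in groups.values()}, loop


def broken_subnets(blocked):
    """Names of IP subnetworks whose segments fall in different IP bridged domains."""
    domains, _ = bridged_domains("IP", blocked)
    return sorted(name for name, segs in SUBNETS.items()
                  if not any(segs <= dom for dom in domains))


if __name__ == "__main__":
    cases = {
        "B3 port to L3 blocks": {("B3", "L3")},
        "B2 port to L2 blocks": {("B2", "L2")},
        "no port blocks (spanning tree PDUs discarded)": set(),
    }
    for label, blocked in cases.items():
        ip_domains, _ = bridged_domains("IP", blocked)
        _, lat_loop = bridged_domains("LAT", blocked)
        print(label)
        print("  IP bridged domains:", sorted(sorted(d) for d in ip_domains))
        print("  broken IP subnetworks:", broken_subnets(blocked))
        print("  LAT bridging loop:", lat_loop)
```

The spanning tree is equally valid for LAT in both blocking cases; only the IP subnetwork assignment distinguishes the working configuration from the broken one.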
The parallel router filtering bridge architecture is simply an incorrect architecture for an hybrid bridge router and will not function properly except in the most trivial of topologies. This architecture is incorrect for the following reasons.
1. Filtering is simply a useful technique to control local access and only improperly a method to establish global topologies, and
2. the parallel application of routing and bridging to the same LAN segments is equivalent to treating routing and bridging as operations at the same protocol layer.
The parallel router filtering bridge architecture violates the DOD Internet Architecture, the ISO OSI Reference Model, DNA and practically any other reasonable computer networking architecture. There is no way for such a device to avoid dysfunctional behavior.
VII. Logical Subbridge Architecture for Hybrid Bridge Routers
The key to architecting a non-disjoint functionality hybrid bridge router correctly lies in the principle that routers must connect separate communications subnets. In a MAC-bridged environment, a separate spanning tree topology defines a separate communications subnet. This mapping of spanning tree topology to communications subnet implies that an hybrid bridge router device must take part in at least two spanning trees. This requirement means that the hybrid device from the standpoint of P802.1d must contain at least two logical P802.1d transparent MAC subbridges. The router functionality would have an interface to each logical subbridge (LSB a/k/a VLAN in the literature). Each LSB would take part in its own separate active spanning tree topology which has its own root bridge (viz Figure 12).
Figure 12. Logical SubBridge (LSB) Architecture.
The LSB bridge router architecture, which gives the network layer routing functionality subordinate interfaces to link layer MAC bridging functionalities, is completely consistent with the protocol layering of typical network architectures.
Of course, either by accident or conscious decision, different LSBs on a single Telford LSB bridge router could take part in the same active spanning tree topology. Such a condition is readily apparent in the information, which Telford bridge routers provide, because the root bridges for the active spanning tree topology in which such LSBs take part will all be the same.
If all the LAN interfaces belonged to the same LSB, the LSB bridge router really should not be configured to route but should act as a pure bridge. Of course, there is no reason to forbid routing from one communications subnet back to that communications subnet if the network administrator really wants such a configuration. If each LAN interface belongs to a different LSB, and if each LSB has an IP address which corresponds to a distinct IP subnetwork, the device cannot perform any bridging but can act as a pure router.
The Telford LSB bridge routers can support as many LSBs as they have interfaces so that pure routing is possible. The Telford bridge routers support multiple logical IP interfaces which can map to different LSBs. The IP router functionality routes packets between separate IP subnetworks corresponding to the different communications subnets in which the LSBs take part, by routing packets between the logical IP interfaces which the bridge router supports. IP Interfaces are assigned to different LSBs depending on whether traffic between different groups of interfaces should be bridged or routed.
Assignment of multiple IP interfaces to the same LSB is allowed so that multiple IP subnetworks can reside within one communications subnet. Or alternatively, there may be LSBs to which no IP interfaces are assigned so that the communications subnet, which corresponds to the active spanning tree topology in which this LSB takes part, is isolated from its sibling LSBs and their associated communications subnets. Of course, the communications subnet of an isolated LSB may be connected to other communications subnets by some other router or router functionality elsewhere in the network.
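The LSB rules described above (a single LSB makes a pure bridge, one LSB per port with distinct IP subnetworks makes a pure router, LSBs reporting the same root bridge share one spanning tree, LSBs without IP interfaces are isolated) can be written as a configuration check. This is an added example, not Telford's management interface; the function name, port names, addresses and root bridge identifiers are constructed.

```python
import ipaddress
from collections import defaultdict
from itertools import combinations


def audit_lsb(port_lsb, ip_interfaces, lsb_root):
    """Classify an LSB configuration and flag conditions the text describes.

    port_lsb:      {port name: LSB name}
    ip_interfaces: list of (CIDR string, LSB name), one per logical IP interface
    lsb_root:      {LSB name: root bridge id reported for that LSB's spanning tree}
    """
    lsbs = set(port_lsb.values())

    nets = defaultdict(list)
    for cidr, lsb in ip_interfaces:
        if lsb not in lsbs:
            raise ValueError(f"IP interface {cidr} names unknown LSB {lsb!r}")
        nets[lsb].append(ipaddress.ip_network(cidr))

    all_nets = [n for group in nets.values() for n in group]
    distinct = all(not a.overlaps(b) for a, b in combinations(all_nets, 2))

    if len(lsbs) == 1:
        mode = "pure bridge"      # every port in one LSB: nothing to route between
    elif len(lsbs) == len(port_lsb) and all(l in nets for l in lsbs) and distinct:
        mode = "pure router"      # one port per LSB, each with its own subnetwork
    else:
        mode = "hybrid"

    # LSBs that report the same root bridge take part in the same active
    # spanning tree, so they are one communications subnet, not several.
    by_root = defaultdict(list)
    for lsb, root in lsb_root.items():
        by_root[root].append(lsb)
    shared = sorted(sorted(group) for group in by_root.values() if len(group) > 1)

    # LSBs with no IP interface are unreachable through this device's router.
    isolated = sorted(l for l in lsbs if l not in nets)

    return {"mode": mode, "shared_trees": shared, "isolated": isolated}


# Constructed sample: eight Ethernet ports split over four LSBs.
SAMPLE_PORTS = {"e0": "A", "e1": "A", "e2": "A", "e3": "A",
                "e4": "B", "e5": "B", "e6": "C", "e7": "D"}
SAMPLE_IPS = [("10.1.0.0/16", "A"), ("10.2.0.0/16", "A"),   # two subnetworks, one LSB
              ("10.3.0.0/16", "B"), ("10.4.0.0/16", "D")]   # LSB C has none
SAMPLE_ROOTS = {"A": "8000.0000aa000001", "B": "8000.0000aa000002",
                "C": "8000.0000aa000003", "D": "8000.0000aa000002"}  # B and D agree

if __name__ == "__main__":
    print(audit_lsb(SAMPLE_PORTS, SAMPLE_IPS, SAMPLE_ROOTS))
```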
LSB hybrid bridge routers provide firewalls between communications subnets for even the most complex technologies (viz Figure 13) just as routers are supposed to provide.
Figure 13. Complex Topology.
Anomalies within one communications subnet will not propagate to other communications subnets simply because some traffic is being bridged. Likewise, the effects of bogus spanning tree packets will confine themselves to one communications subnet. Yet because the LSB formalism does not interfere with the normal operation of STP, there is no possibility of creating routing loops within the communications subnet. LSB bridge routers have none of the configuration and reachability problems associated with parallel router filtering bridge architectures.
LSB hybrid bridge routers are superior to ordinary pure routers because such bridge routers provide flexibility in the allocation of bandwidth for throughput or redundancy. An N port LSB can provide redundant bandwidth of M * (the bandwidth of an individual link), where M < N, and throughput bandwidth of (N - M) * (the bandwidth of an individual link) to a given IP interface. No pure router can provide such a capability to craft a network in this way. In fact, the LSB hybrid bridge router architecture is flexible enough that if a need should occur for pathological configuration, an LSB hybrid bridge router, which supports filtering capabilities, can act like a parallel router filtering bridge by configuring the bridge router with one or more LSBs
1. which bridge all non-routed traffic,
2. which partake in only one spanning tree via an internal virtual LAN segment connection [
3. which support multiple IP interfaces corresponding to different IP subnetworks and
4. which discard all routable traffic across the internal virtual connections while such traffic is forwarded to the router functionality.
Because the LSB architecture is a correct architecture for hybrid bridge routing, LSB bridge routers do not limit network design as parallel router filtering bridge architectures would, but rather LSB bridge routers provide hitherto unavailable techniques and potentialities in the construction of sophisticated networks.
If a networking technology were available which provided tremendous bandwidth at low cost, which could span large distances and which could easily provide network security and redundancy, there would be less need to use complex and sophisticated networking techniques to provide needed functionality. But in the absence of such technology, hubs, bridges, routers and high bandwidth media like FDDI all have their place as useful components in the design and construction of computer networks. A disjoint functionality hybrid bridge router can probably provide some savings, but the LSB hybrid bridge router for its price, flexibility and capabilities is perhaps one of the most useful network components yet introduced.
In fact, in a period of economic retrenchment during which recabling for FDDI might be dauntingly expensive, using LSB hybrid bridge routers as a lower cost substitute for FDDI is quite reasonable because LSB hybrid bridge routers can in many cases satisfy those needs which FDDI addresses. LSB hybrid bridge routers even address issues of fault tolerance and redundancy which FDDI does not address very well. While LSB hybrid bridge routers will prove extremely useful network components, a parallel router filtering bridge is in practically all cases a disaster as a networking component when the complexity of the network topology is anything other than trivial. Purchasing or developing a parallel router filtering bridge would be a mistake.
Address Resolution Protocol (ARP). A DOD Internet protocol used on some communications technologies to find a physical address which corresponds to a given IP address. This determination of corresponding physical address is called "address resolution." Usually, ARP procedures are implemented on physical technologies which support broadcast. RFC 826 defines generalized ARP procedures for Ethernet. ARP is not strictly necessary for Ethernet. Rather than using ARP to resolve an IP address to a physical address, the Ethernet driver could simply send IP packets to the broadcast address when the destination physical address is unknown. The Ethernet driver could learn the IP address/physical address mapping from the IP source address and Ethernet source address of received IP packets. After broadcasting an IP packet when the destination physical address is unknown, the transmitting host might receive ICMP redirects from IP routers attached to the same IP subnetwork as the transmitting host, but the ICMP redirects are harmless and could serve as a means for the transmitting host to learn the IP and physical addresses of IP routers attached to the same IP subnetwork to which the transmitting host attaches. Of course, there may be security problems with broadcasting IP packets, and if the destination host never sends a reply, the source host would never learn a physical address to use in association with the destination IP address. In such a case, the source host would always broadcast IP packets to that destination. Such broadcasting, especially if frequent and if the IP packets are large would be rather unneighborly. Even if these specific IP broadcasting problems did not exist, separating address resolution from IP packet transmission would still represent a reasonable partitioning of the problems in using the Ethernet medium for the carriage of IP traffic.
ARPANET. A packet switching computer network developed under auspices of the US Defense Advanced Research Projects Administration (DARPA). The ARPANET first went on line in December, 1969. In current jargon, this type of network is a "switching-fabric" network. The ARPANET IP subnetwork was a central backbone communications subnet within the DARPA Internet until 1983 when it was split into two backbone communications subnets, the ARPANET and MILNET. The ARPANET served the research community while MILNET has served the military community. Since 1990 the ARPANET has been supplanted by faster backbone communications subnets.
Catenet. A concatenation of separate networks. The individual networks need not have the same type.
Communications Subnet. A network technology concept in contrast to IP subnetwork or DECNET area which are network architecture concepts. A communications subnet transports data units among hosts. Finding paths between hosts is the responsibility of the communications subnet. A communications subnet consisting of a single Ethernet coaxial cable provides an extremely trivial form of path selection. All hosts hear all packets. Communications subnets built with packet switches like IEEE P802.1d MAC bridges or ARPANET IMPs provide somewhat more sophisticated path selection. An internet like the DARPA Internet is a second order communications subnet because it provides host to host path selection by routing packets among IP subnetworks, which themselves correspond to communications subnetworks which select host-to-host paths. IP routers are, in a sense, second order packet switches. A DECNET area corresponds to a single communications subnet. A DECNET Level 1 router cooperatively routes packets among hosts within the communications subnet using a distributed version of the ARPANET decentralized routing algorithm which is based on Ford and Fulkerson's network routing algorithm. Flows in Networks by L. R. Ford, Jr. and by D. R. Fulkerson describes this algorithm. A DECNET which comprises multiple areas constitutes a second order communications subnet, and the DECNET Level 2 routers use the same routing algorithm to route between areas as Level 1 Routers use to route among hosts. DECNET Level 2 Routers like IP routers act as second order packet switches.
DECNET. A computer network which has been implemented according to the Digital Network Architecture and which uses the communications protocols of this network architecture.
Digital Network Architecture (DNA). An evolving layered computer network architecture specified by Digital Equipment Corporation (DEC). DNA provides end-to-end network virtual circuit service to applications via routing datagrams at lower protocol layers. The DEC publication, The DECnet DIGITAL Network Architecture (Phase IV) General Description (Order No. AA-K759B-TK), contains a DNA overview.
DOD Internet Architecture. The ex post facto articulated architecture of the DARPA Internet. The DOD Internet Architecture provides end-to-end virtual circuit and datagram transport service within a large catenet. The core of the DOD Internet Architecture lies in the IP layer and the IP router. The IP layer conceals the details of the individual physical networks. The IP encapsulation provides to end hosts the appearance of a single global virtualized network, which carries packets between the end hosts. The IP routers perform the actual routing of packets within the Internet by routing packets among IP subnetworks. The DOD Internet architecture says little about the selection by a communications subnet of paths between hosts within a single communications subnet which corresponds to an IP subnetwork. The DOD Internet architecture leaves the application interface mostly unspecified, but many implementations use a Berkeley socket interface or an AT&T streams interface. The Elements of Networking Style by Michael Padlipsky contains a flippant introduction to the DOD Internet Architecture.
Internet. A computer network composed of multiple physical networks which may be of different technology types and which appears to end hosts as a single virtualized global network. The DARPA Internet is the most prominent example of an internet.
Internetwork Control Message Protocol (ICMP). A protocol, which is a necessary, integral and obligatory part of IP. ICMP carries control and error messages.
Interface Message Processor (IMP). A packet switch designed for the ARPANET communications subnet. IMPs connect either to end hosts or other IMPs. Current jargon designates IMPs as packet switch nodes (PSNs).
IP Address. A 32 bit number used to address hosts within the DARPA Internet. Hosts may be either end hosts or routers. Hosts have at least one unique IP address. The DARPA Internet also supports broadcast and logical group addresses. Host addresses contain a network ID and host ID. The leading bits of the network ID specify the network class which in turn determines the number of bits in the network and host IDs. In the early days of DARPA Internet, IP networks typically corresponded to a single communications subnetwork. Net 10 was the class A network ID of the ARPANET.
IP Subnet Mask. An IP subnet mask defines IP subnetworks within an IP subnetwork, where an IP subnetwork is either an IP network of one of the defined classes or an IP subnetwork. The bitwise "and" of host IP address and IP subnet mask identifies the IP subnetwork to which an IP host attaches.
IP Subnetwork. A hack which enables the division of a single IP network among several communications subnets. The number of possible host IDs on a Class A or a Class B network is much larger than the number of hosts which a single LAN-based communications subnet typically interconnects. The number of possible host IDs on a Class C network may be smaller than the number of hosts to be connected to single LAN based communications subnet. Also using a new Class C network ID for each LAN-based communications subnet can be administratively inconvenient. Dividing an IP network (usually Class B) into IP subnetworks represents one possible solution. IP routers which support IP subnetworks route between IP subnetworks and determine the IP subnetwork to which a host address corresponds by "anding" bitwise the host IP address with configured IP subnet masks. If an IP router knows a path to the destination IP subnetwork, the IP router forwards the packet appropriately. IP routers external to a given IP network need not know the internal IP subnetwork structure to route packets to a host within an IP network which has been divided into subnetworks. An external IP router need only know a route to a border router which can route the packets to subnetworks within the destination IP network. An IP subnetwork itself may also be subdivided into smaller subnetworks about which IP routers external to this subdivided subnetwork need not know.
LAT. A DEC local area asynchronous terminal concentration protocol for Ethernet.
Logical Link Control (LLC). A sublayer within the OSI link layer of IEEE 802 LANs. This sublayer is the medium independent part of the OSI link layer. LLC provides connectionless and connection-oriented services to the network layer. The ANSI/IEEE 802.2 (ISO/DIS 8802/2) standard, Logical Link Control, defines LLC protocol and services for the 802 LAN technologies.
Logical Subbridge (LSB). A Telford Series hybrid bridge router concept (often termed VLAN). The network administrator allocates bridge ports to different logical subbridges. The hybrid bridge router bridges frames between ports allocated to the same logical subbridge. The router functionality routes packets between logical subbridges to which the router functionality has a logical interface. Alternatively, a Telford hybrid bridge router network-layer interface to a communications subnet built from LAN segments can be described as a software-defined embedded bridge.
MAC Bridge. A device for LAN segment interconnection which operates beneath the MAC/LLC interface. The MAC layer of each segment is independent, but the operation of the MAC bridge is completely transparent to end hosts. The IEEE P802.1d MAC Bridges draft proposes a transparent bridge architecture for IEEE 802.3 (Ethernet), 802.4 (Token Bus) and 802.5 (Token Ring) LANs. This document uses MAC bridge to refer to P802.1d MAC bridges. P802.1d MAC bridges use the Spanning Tree Protocol (STP) to find unique paths between hosts. Source Routing (SR) and Source Routing Transparent (SRT) are alternative techniques for routing frames between end hosts over LAN segments. From the standpoint of routing between bridged networks, the same analysis applies to SR bridges and SRT bridges as applies to P802.1d STP MAC bridges.
Medium Access Control (MAC). LAN link layer sublayer which arbitrates access to the medium, which defines medium addressing and which accepts frames from the physical layer and passes them up to the logical link layer. The IEEE 802.3, 802.4, and 802.5 standards define Ethernet, Token Bus and Token Ring MAC layers respectively.
Multiply Connected. A concept from graph theory. A graph is multiply connected if there exist nodes within the graph between which there is no path (viz Figure 14).
Figure 14. Multiply Connected Graph.
Packet Switch Node (PSN). Currently, the official jargon for a packet switching computer within the ARPANET. This article uses PSN generically for any packet switching device within a communications subnet. Communication computer, node, Intermediate System (IS), packet switch and data switching exchange are equivalent terms.
Packet Switching. A mode of operation for a communications network. A packet switching network routes data packets on the basis of an identifier (e.g. destination address or virtual circuit ID) in the data packet. In most cases, an end host receives only packets which it was meant to receive. Circuit switching is an alternative mode of operation for a communications network. In the context of telephony, a distinction can be made between Packet Switching, Packet Relay, Frame Switching and Frame Relay. From the standpoint of computer networking, these techniques are simply variations of one another.
Packet Filtering. A reception mode for end stations connected to a broadcast medium like most LANs. The receiver discards (e.g. Ethernet) or forwards unchanged (Token Ring) packets not meant for the receiver. Promiscuous reception is another end station mode. Monitors and bridges generally receive promiscuously.
Port. Physical interface from the standpoint of the MAC layer according to P802.1d. Several MAC layer physical interfaces may as a group correspond to a single interface at the network layer.
Request for Comments (RFC). Primary documentation for the DARPA Internet. RFCs comprise reports of work and research, various proposals, current DARPA Internet protocol standards and some unclassifiable essays.
Root Bridge. Highest priority bridge in a simply connected network of P802.1d MAC bridges. According to P802.1d, path costs calculated relative to this bridge are used to determine which ports are to be blocked.
Simply Connected. A concept from graph theory. A graph is simply connected if there exist no nodes within the graph between which there is no path (viz. Figure 15).
Figure 15. Simply Connected Graph.
Spanning Tree Protocol (STP). A protocol specified in the IEEE P802.1d MAC Bridges document. A physical network of bridges connected by LAN segments can be mapped to a mathematically equivalent graph to which concepts of graph theory apply. In mapping a physical bridged network to a graph, busses (either internal bridge busses or LAN segments) correspond to graph nodes while bridge ports correspond to arcs (line segments) between nodes (viz. Figure 8). A subgraph of a simply connected graph which consists of all graph nodes and a subset of arcs such that the subgraph has one unique path between any two graph nodes is a spanning tree for the original graph. If arcs have assigned weights, a spanning tree subgraph with minimum sum of arc weights is a minimum spanning tree subgraph. According to the P802.1d spanning tree procedure, after the determination of the root bridge in the network, a distributed procedure finds a unique minimum spanning tree for the corresponding graph on the basis of minimum path costs from the root bridge. Those ports whose associated arcs are absent in the minimum spanning tree are blocked and traffic is not forwarded either to or from these ports. The Spanning Tree Protocol specifies the Protocol Data Units (PDUs) which carry the spanning tree information between bridges. Algorithms based on various forms of spanning tree procedures most commonly serve as tools for solving the subnet design problem when unique paths between hosts provide sufficient network reliability. The application of spanning tree procedures (in conjunction with a source location learning procedure and a frame filtering procedure) provides a clever solution to the problem of selecting paths between hosts for frames to transit within a communications subnet which consists of MAC bridges acting as PSNs and LAN segments acting as connecting links between PSNs.
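The graph mapping and port blocking described in the Spanning Tree Protocol entry can be worked through in code. The following is an added example, not code from the original article or from P802.1d: it computes the tree centrally rather than through the distributed PDU exchange, and the topology, priorities, port costs and the choice to apply each arc weight in both directions are constructed assumptions.

```python
import heapq

# Constructed topology: each tuple is one bridge port, i.e. one arc between a
# bridge's internal bus and a LAN segment: (bridge, port, segment, cost).
PORTS = [
    ("B1", 1, "LAN-A", 10), ("B1", 2, "LAN-B", 10),
    ("B2", 1, "LAN-A", 10), ("B2", 2, "LAN-C", 10),
    ("B3", 1, "LAN-B", 10), ("B3", 2, "LAN-C", 10),
    ("B3", 3, "LAN-D", 10),
]
# Constructed priorities; the lowest number is the highest priority bridge.
PRIORITY = {"B1": 100, "B2": 200, "B3": 300}

def elect_root(priority):
    """Pick the highest priority bridge; the name breaks ties."""
    return min(priority, key=lambda b: (priority[b], b))

def spanning_tree(ports, root):
    """Return (forwarding, blocked) sets of (bridge, port) pairs."""
    adj = {}  # node (bridge bus or LAN segment) -> [(neighbor, cost, arc)]
    for bridge, port, seg, cost in ports:
        adj.setdefault(bridge, []).append((seg, cost, (bridge, port)))
        adj.setdefault(seg, []).append((bridge, cost, (bridge, port)))
    settled, forwarding = set(), set()
    heap = [(0, root, None)]  # (path cost from root, node, arc used)
    while heap:
        dist, node, arc = heapq.heappop(heap)
        if node in settled:
            continue  # a cheaper (or tie-winning) path already reached it
        settled.add(node)
        if arc is not None:
            forwarding.add(arc)  # this port lies on the tree
        for nxt, cost, via in adj[node]:
            if nxt not in settled:
                heapq.heappush(heap, (dist + cost, nxt, via))
    all_ports = {(b, p) for b, p, _, _ in ports}
    return forwarding, all_ports - forwarding

if __name__ == "__main__":
    root = elect_root(PRIORITY)
    fwd, blocked = spanning_tree(PORTS, root)
    print("root bridge:", root)
    print("forwarding :", sorted(fwd))
    print("blocked    :", sorted(blocked))
```

Both B2 and B3 reach LAN-C at equal cost from the root, so exactly one of their LAN-C ports must be blocked to break the loop; the tie goes to the arc that sorts first, which here is B2's.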
Notes
DECNET Digital Network Architecture (DNA) terminology is different from DOD Internet Architecture terminology. A DOD IP router corresponds to a DECNET Level 2 Router.
An incorrect implementation will probably behave incorrectly in undesired ways. Correcting or even making minor changes to an incorrect configuration could make communications connectivity between hosts suddenly vanish. And incorrect IP layer behavior might have an unspecified impact relative to the behavior of other protocols.
Note that some routers can perform proxy ARP service so that isolated hosts can communicate with other hosts elsewhere in the network that have the same network or subnetwork ID.