# Network Device Comparison ## Comparing Devices by OSI Layer Network devices operate at different layers of the OSI model, and this determines what they can see and do with network traffic. Repeaters and hubs operate at Layer 1, the Physical layer. They work with raw electrical signals and bits. They have no awareness of addressing or higher-level data structures. Bridges and switches operate at Layer 2, the Data Link layer. They work with frames and MAC addresses. They can examine the source and destination MAC addresses of frames to make intelligent forwarding decisions. Routers operate at Layer 3, the Network layer. They work with packets and IP addresses. They can route packets between different networks. Gateways can operate at multiple layers up to Layer 7, the Application layer. They can translate between fundamentally different protocols and data formats. ## Hub vs Switch A hub is a simple device that broadcasts all received traffic out all ports. A switch learns MAC addresses and forwards traffic only to the correct port. Hubs create a single collision domain where devices compete for bandwidth. Switches create separate collision domains for each port. Switches provide much better performance than hubs, especially as the number of connected devices increases. Switches also provide better security because devices cannot see each other's traffic. Switches have entirely replaced hubs in modern networks. ## Switch vs Router A switch connects devices within the same network segment using MAC addresses. A router connects different networks using IP addresses. A switch does not change the source or destination addresses as it forwards frames. A router changes the source and destination MAC addresses as it forwards packets between networks, though the IP addresses remain the same from end to end. For communication within a local network, a switch is sufficient. For communication between different networks, a router is required. ## Router vs Firewall A router determines where to forward packets based on routing tables and IP addresses. A firewall examines packets based on security rules and decides whether to allow or block them. A router without a firewall will forward all packets regardless of whether they represent legitimate or malicious traffic. A firewall without a router cannot connect multiple networks. In practice, routers and firewalls are often implemented as separate devices where the firewall sits between the router and the internal network, or they may be combined into a single device. Home routers typically include both routing and basic firewall functionality in one device.