Hubs, switches, and routers are all computer networking devices with varying capabilities. Unfortunately, the terms are also often misused.
What's the difference between a hub, a switch, and a router?
In a word, intelligence.
Hubs, switches, and routers are all devices that let you connect one or more computers to other computers, networked devices, or even other networks. Each has two or more connectors called ports into which you plug in the cables to make the connection. Varying degrees of magic happen inside the device and therein lies the difference. I often see the terms misused, so let's clarify what each one really means.
A hub is typically the least expensive, least intelligent, and least complicated of the three. Its job is very simple - anything that comes in one port is sent out to the others.
If a message† comes in for computer "A", that message is sent out all the other ports, regardless of which one computer "A" is on:
And when computer "A" responds, its response also goes out to every other port on the hub:
Every computer connected to the hub "sees" everything that every other computer on the hub sees. The computers themselves decide if they are the targeted recipient of the message and when a message should be paid attention to or not.
The hub itself is blissfully ignorant of the data being transmitted. For years, simple hubs have been quick and easy ways to connect computers in small networks.
A switch does essentially what a hub does, but more efficiently. By paying attention to the traffic that comes across it, it can "learn" where particular addresses are.
Initially, a switch knows nothing and simply sends on incoming messages to all ports:
Even in accepting that first message, however, the switch has learned something - it knows on which connection the sender of the message is located. Thus, when machine "A" responds to the message, the switch only needs to send that message out to the one connection:
In addition to sending the response through to the originator, the switch has now learned something else - it now knows on which connection machine "A" is located.
That means that subsequent messages destined for machine "A" need only be sent to that one port:
Switches learn the location of the devices that they are connected to almost instantaneously. The net result is that most network traffic only goes where it needs to rather than to every port. On busy networks, this can make the network significantly faster.
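The hub and switch behavior described above, as an added example that is not part of the original article: it replays the same four messages through both devices and counts how many of them reach an uninvolved machine. The class names, port numbers, and the machine "D" on port 4 are assumptions made for the illustration.

```python
# Added illustration (not from the article): hub vs. learning switch.
# Port numbers, addresses and FRAMES are constructed sample data.

class Hub:
    def __init__(self, ports):
        self.ports = list(ports)

    def forward(self, in_port, src, dst):
        # No table: repeat the message on every port except the one it arrived on.
        return [p for p in self.ports if p != in_port]


class Switch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}  # address -> port where that sender was last seen

    def forward(self, in_port, src, dst):
        # Learn first: the sender is reachable through the arrival port.
        self.table[src] = in_port
        out = self.table.get(dst)
        if out is None:
            # Destination not learned yet: behave like a hub for this message.
            return [p for p in self.ports if p != in_port]
        # Known destination: one port only (nothing if it is the arrival port).
        return [] if out == in_port else [out]


# (arrival port, sender, recipient): B on port 1, C on port 2, A on port 3,
# and an uninvolved machine D listening on port 4.
FRAMES = [(1, "B", "A"), (3, "A", "B"), (1, "B", "A"), (2, "C", "A")]


def replay(device, frames=FRAMES):
    """Return the list of output ports chosen for each message."""
    return [device.forward(*f) for f in frames]


def seen_on(port, device, frames=FRAMES):
    """Count how many messages are delivered to an uninvolved port."""
    return sum(port in outs for outs in replay(device, frames))


if __name__ == "__main__":
    ports = [1, 2, 3, 4]
    print("hub   :", replay(Hub(ports)), "D sees", seen_on(4, Hub(ports)))
    print("switch:", replay(Switch(ports)), "D sees", seen_on(4, Switch(ports)))
```

On the hub, machine "D" receives all four messages even though none are addressed to it; on the switch it receives only the first one, sent before the switch had learned where "A" is.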
A router is the smartest and most complicated of the bunch. Routers come in all shapes and sizes - from the small, four-port broadband routers that are very popular right now to the large industrial strength devices that drive the internet itself.
A simple way to think of a router is as a computer that can be programmed to understand, possibly manipulate, and route the data that it's being asked to handle. Many routers today are, in fact, little computers dedicated to the task of routing network traffic.
As far as simple traffic routing is concerned, a router operates exactly as a switch, learning the location of the computers on its connections and routing traffic only to those computers.
DHCP - Dynamic Host Configuration Protocol - is the way dynamic IP addresses are assigned. A device asks for an IP address to be assigned to it from "upstream" and a DHCP server responds with an IP address assignment. A router connected to your ISP-provided internet connection will typically ask your ISP's server for an IP address; this will be your IP address on the internet. Your local computers, on the other hand, will ask the router for an IP address and these addresses are local to your network.
NAT - Network Address Translation - is the way that the router translates the IP addresses of packets that cross the internet/local network boundary. When computer "A" sends a packet out, the IP address that it's "from" is that of computer "A" - 192.168.1.2 in the example above. When the router passes that on to the internet, it replaces the local IP address with the internet IP address assigned by the ISP. It also keeps track, so that if a response comes back from somewhere on the internet, the router knows to do the translation in reverse - replace the internet IP address with the local IP address for machine "A" and then send that response packet on to machine "A".
A side effect of NAT is that machines on the internet cannot initiate communications to local machines - they can only respond to communications initiated by those local machines.
The net effect is that the router then also acts as a firewall:
What that means is that malware that might spread by trying to independently connect to your computer over the network cannot.
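The NAT bookkeeping described above, as an added example that is not part of the original article: the router records each outbound connection, reverses the translation for replies, and has nowhere to send a packet that matches no record. The class, the port-numbering scheme, and every address except 192.168.1.2 are constructed for the illustration; this sketch matches replies on the remote address and port, which is one possible policy and an assumption here.

```python
# Added illustration (not from the article): a NAT translation table.
# 203.0.113.5 (router's internet address) and 198.51.100.x (internet hosts)
# are constructed sample addresses; 192.168.1.2 is computer "A".
from itertools import count


class Nat:
    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self._next_port = count(first_port)
        self.out = {}   # (local ip, local port, remote ip, remote port) -> public port
        self.back = {}  # (public port, remote ip, remote port) -> (local ip, local port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Local machine -> internet: replace the local 'from' with the public one."""
        key = (src_ip, src_port, dst_ip, dst_port)
        if key not in self.out:
            public_port = next(self._next_port)
            self.out[key] = public_port
            # Keep track so the reply can be translated in reverse.
            self.back[(public_port, dst_ip, dst_port)] = (src_ip, src_port)
        return (self.public_ip, self.out[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Internet -> router: translate back, or return None (dropped)."""
        if dst_ip != self.public_ip:
            return None
        local = self.back.get((dst_port, src_ip, src_port))
        if local is None:
            # No local machine initiated this conversation: nothing to map to.
            return None
        return (src_ip, src_port, local[0], local[1])


def demo():
    nat = Nat("203.0.113.5")
    sent = nat.outbound("192.168.1.2", 51000, "198.51.100.10", 443)
    reply = nat.inbound("198.51.100.10", 443, "203.0.113.5", sent[1])
    unsolicited = nat.inbound("198.51.100.99", 4444, "203.0.113.5", 445)
    return sent, reply, unsolicited


if __name__ == "__main__":
    for label, result in zip(("sent", "reply", "unsolicited"), demo()):
        print(label, result)
```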
All routers include some kind of user interface for configuring how the router will treat traffic. The really large routers include the equivalent of a full-blown programming language to describe how they should operate as well as the ability to communicate with other routers to describe or determine the best way to get network traffic from point A to point B.
A quick note on one other thing that you'll often see mentioned with these devices: network speed. Most devices now are capable of both 10mbps (10 megabits, or million bits, per second) and 100mbps, and will automatically detect the speed.
More and more devices are now capable of handling 1000mbps, or a billion bits per second (1gbps).
Similarly, many devices are now also wireless transmitters that simply act like additional ports on the device.
(This is an update to an article originally published November 19, 2003.)
† I use "message" here to keep things conceptually simple. The more correct term would be "packet," as each of these devices operates on discrete packets of information traveling on the network.