Doug Lowe - Networking All-in-One For Dummies

So, that’s a recap of the basic operation of the Ethernet networking system. Because it was a great system when it was invented, it quickly replaced the two dominant network technologies that were popular at the time, ARCNET and token ring. But unfortunately, Ethernet had a few serious problems lurking under the surface that proved to be a problem for larger networks:

The frequency of collisions rises exponentially with the number of devices added to the network. When you get too many devices, collisions happen all the time, and devices spend way too much time resending packets, sometimes having to resend them over and over again until a collision doesn’t happen. This results in the network becoming much slower as it grows larger.

The frequency of broadcast packets can quickly increase as more devices are added to the network, further adding to the performance problem and the likelihood of collisions.

Security is difficult to enforce, because every device on the network must examine every packet that comes its way. Even though devices are supposed to ignore packets that aren’t meant for them, there is no way to ensure that they do so.

Switches to the rescue!

A switch is essentially an intelligent hub that has the ability to actually look at the contents of the packets it processes and make intelligent decisions about what to do with them. A hub is a layer-1 device, which means that it can do nothing but receive and amplify electrical signals. In contrast, switches are layer-2 devices, which means they can actually inspect the layer-2 packets and act intelligently based on the content of each packet.

A switch examines the destination MAC address of every packet it receives and forwards the packet only to the port that leads to the packet’s intended destination. Thus, packets aren’t repeated on ports that don’t contain the packets’ destination.

Figure 3-2 shows the same simple network that was shown in Figure 3-1, but this time with a switch instead of a hub. As you can see, the switch is smart enough to know that the data sent by Computer 1 is intended for Computer 3. So it sends the data only to Computer 3; the switch leaves Computer 2 and Computer 3 alone so they can concentrate on other work.

FIGURE 3-2:Unlike a hub, a switch knows where to send its data.

In order to accomplish intelligent forwarding, a switch must know what devices are connected to each of its ports. In the next section, you see how a switch learns what devices are connected to each of its ports.

For a switch to do its job, it needs to know what devices are connected to each of its ports. More specifically, the switch needs to know what MAC addresses are reachable via each of its ports. It does this in an ingeniously simple way: It simply learns. Whenever a packet is received on any of the switch’s ports, the switch examines the sending MAC address in the packet. The switch rightly assumes that if it received a packet from a given MAC address on a given port, the switch can reach that MAC address via that port. For example, if a switch receives a packet from Computer C on port 3, the switch has learned that Computer C is reachable on port 3. The switch adds this information to the MAC address table. This table is sometimes referred to as a forwarding database, because it keeps track of which port packets intended for a given destination should be forwarded to. The MAC address table simply keeps a tally of which MAC addresses are reachable on each port of the switch. Suppose the MAC address for Computer C is 21-76-3D-7A-F6-1E. If the switch receives a packet from port 3 with that MAC address, it would add the following entry to the MAC address table:

In this way, the switch has learned that Computer C is reachable via port 3.

After a short time, the switch will likely receive packets from all its ports and will associate the sender’s MAC address with each port:

It’s important to keep in mind that a switch port might actually connect to more than one device. For example, suppose port 5 isn’t connected to a computer but to another switch, which in turn has three other computers connected to it. In that case, the first switch can receive packets from three different computers on port 5. Then, the switch records each distinct MAC address in its MAC address table, something like this:

The process of building the MAC address table is called learning, and is one of the three basic functions of a switch. The other two are forwarding and flooding, as described in the next two sections.

Now that you know about the MAC address table, you should have a good idea of how a switch knows which ports to forward incoming packets to: The switch simply looks up the destination MAC address in the table and sends the packet out through the corresponding port.

For example, if the switch receives a packet on port 1 intended for MAC address CD-34-E4-B3-2C-76, the switch looks up that MAC address in the table, finds that the MAC address can be reached on port 7, and forwards the packet out to port 7. This process, called forwarding, is the second basic function of a switch.

Switches have memory buffers associated with each port that allow the switch to store a complete packet before forwarding it to the destination port. This allows the switch to hold onto the packet for a bit if necessary before forwarding it. For example, the destination port may be busy sending out a packet received from a different port. Or, the destination port may be busy receiving a packet. In either case, when the port becomes free, the switch can transmit the packet to its destination.

It’s important to understand that the switch does not modify the packet in any way prior to sending it. What gets sent out to the destination port is an exact replica of what was received on the incoming port. When the destination device receives the packet, the device has no idea that the packet passed through the switch. In other words, no tracing information is added to the packet by the switch.

It’s also important to know that, at least at this level of operation of the switch, the switch has no idea or concern for the contents of the Ethernet frame’s payload. In particular, the switch is not concerned with the possibility that the payload may be an IP packet, which in turn contains an IP address. Switching does not rely on or even know about IP addresses. Switching is a layer-2 function, and layer 2 is concerned with MAC addresses. IP addresses are a layer-3 concern and, thus, are hidden from switches.