Menu

US Region

Grandmetric LLC
Lewes DE 19958
16192 Coastal Hwy USA
EIN: 98-1615498
+1 302 691 94 10
info@grandmetric.com

EMEA Region

GRANDMETRIC Sp. z o.o.
ul. Metalowa 5, 60-118 Poznań, Poland
NIP 7792433527
+48 61 271 04 43
info@grandmetric.com

UK

Grandmetric LTD
Office 584b
182-184 High Street North
London
E6 2JA
+44 20 3321 5276
info@grandmetric.com

  • en
  • pl
  • How does a switch work?

    How does a switch work?

    Date: 08.03.2018

    Author:


    To explain how a switch works, let me make an introduction to the subject by explaining the background of TCP/IP stack layers, frames, and the purpose of a switch. This will help you to understand the exact operation of the switch which is the main agenda here.

    To allow communication between billions of computer devices, intermediate network devices are needed. As we know from the How does Router work post, routers, like crossroads and road signs, properly direct packets from the source to the destination. They look into the IP packet header searching for the destination IP address (Source and destination IP are included in the packet header) and based on a local routing table, route the packet to the next hop towards the destination. So routers operate at Layer 3 (IP Packet is network layer – Layer 3 communication structure).

    routers

    Ethernet Switch operates at Layer 2 (Data Link Layer)

    Contrary to routers, Ethernet switches don’t understand IP packets but frames. As an IP packet has info for a router, a frame has info for a switch. What is the purpose of a frame? We have nowadays two most common types of network access:

    • Wireless medium – WiFi
    • Wired Ethernet medium – we often call it Cable/Wired or  simply Ethernet

    The frame is a portion of the information that allows for packets to traverse a particular medium from one device interface to another. Ethernet, as an example, describes many technical parameters of how devices can access the network, how cable connectors should look, what speeds the transmission can achieve, and finally how the bits and addresses are organized. So layer 2 is strictly connected with the type of medium or interface of the device. Take a look at the TCP/IP communication model to localize Layer 2 (Data Link Layer). Layer 2 is where the switch operates (marked in red).

    TCP IP Model

    Ethernet Frame

    Every IP device produces packets and they are forwarded across the network regardless of network access type. Every access type uses its own structure to forward the data in its environment. Ethernet uses a structure called Ethernet Frame. Frame “surrounds” the packet as shown in the below picture.

    Ethernet Frame

    To transport IP packets through the Ethernet environment, Ethernet facing device adds extra bits to the front and back of the IP packet making the frame. This bit-adding process is called encapsulation. The frame header contains inter alia source and destination MAC addresses. The source MAC address is the physical address of the sending device, and the destination MAC address is the Ethernet (physical interface) address of the destination device within the same Ethernet segment. Remember that the frame is specific for the Ethernet segment that is why the frame doesn’t last traversing many mediums and many separate ethernet segments.

    Purpose no. 2 of a switch: designed for port density

    You can ask: If there is computer to computer direct Ethernet connection why do I need the Ethernet switch? Right, but what if you need to connect a third device to the group of devices (ethernet segment)? Then you need a communication device with a particular logic. And this is what the switch is intended for.

    Why i need a switch

    Now, we need to have some devices that allow us to connect a high amount of users and wired devices together. This is something that routers are not intended for. Because routers in most situations have a limited number of ports, operate with more advanced features, and are more expensive. Let’s imagine that we need to connect a small home network (4 laptops) with the router to Internet Provider! Not possible, not enough ports!

    switches intention

    A switch is an adequate medium for such a requirement. Switches are considered the best network devices to wire connect a high number of ethernet devices.

    what is switch

    So how does the switch work?

    If we have computers connected to our switch we can concentrate on how does switch really work. Every device has a hardcoded physical address called MAC Address. Again, if the computer sends the IP packet to another device, it encapsulates the packet with the frame using the destination MAC address of device B and its own MAC address as the source and then sends it out. When a frame arrives at device B, it is stripped and an IP packet is received but before it gets there it traverses the ethernet switch/es.

    Switching process

    When a frame arrives at a switch, the switch needs to direct the frame out through the right port, this redirection is called switching. When a frame enters the switch port, the switch checks the dynamic table in memory which stores Physical Port and MAC address pairs. Switch then knows which port to use to forward the frame.

     Switching process

    Remember: switch does not look into the IP packet and forwards frame as is based on the destination MAC address.

    How does the switch build the table? The switch learns the mac and port pairs in the process called MAC learning: When a frame first arrives at the switch port, the switch checks the source MAC address within the frame and stores it next to the port number on which it was received.

    This process builds the table known as CAM (Content Addressable Memory) or TCAM (Ternary Content Addressable Memory). And what about destination MAC addresses that are not known to the switch yet?

    In our picture, device B’s MAC address is unknown to the switch yet. If a frame directed to this device B MAC arrives on the switch port, the switch consults the TCAM table and if it does not find the MAC address- it multiplicates the frame sending it out to all the ports except the one it was received on. All the devices that the frame was not intended for drop the frame and only device B will interpret this frame correctly.

    After device B will send back the frame to device A, the switch will learn the device B MAC and will store it in the table, and will forward the frame directly to the device A without having to multiply because it has the MAC and port already (1 A).

    Switches and broadcast traffic

    Switches treat broadcast traffic specifically. Frames with the destination MAC address of all “ones” or FF:FF:FF:FF:FF:FF in hexadecimal notation are sent unconditionally out on all ports except the one it was received on. On one hand, broadcast traffic is very important for Ethernet operations like Address Resolution Protocol (ARP), on the other hand, the broadcast could be the cause of serious network issues like broadcast storms or unwanted traffic handling, or resource overutilization. That is why proper traffic segmentation in layer 2 is very important for network security as well as reliability.

    Switch and Router on the path

    Having knowledge of how the switch works, and how routers work, you should be able to clearly describe what is going on with an IP packet flowing across the network. IP packet sent across the network from computer A to computer B very likely has to pass several network segments. Some connected with Ethernet and some with WiFi. Every network segment will use a different medium access method so different frames but packets stay the same.

    • Device A sends an IP packet encapsulated with an Ethernet frame
    • Switch switches the frame to the next device which is a router, preserving the frame
    • The router looks into IP header and strips (decapsulates) the frame
    • After choosing the right interface to route, the packet is encapsulated with a WiFi frame
    • WiFi frame comes to the device B, device decapsulates the frame and interprets the IP packet

    Encpasulation

    To see other posts on the network and wireless fundamentals see our explained section.

    Author

    Grandmetric

    Grandmetric is an IT Next Generation Systems integration company helping clients with their IT transformation, infrastructure automation, LAN, WiFi, SD-WAN & SDN delivery. Fast growing Grandmetric team is becoming also a referal point in Cloud migrations and DC Stack management with their Storage, OS and virtualization experience. Grandmetric provides technical insights along with technical trainings in areas of expertise. Latest projects cover also IoT subjects R&D in the area of IoT backend development, big data analysis and monitoring. Based on above experience in production systems maintenance, new division – Grandmetric Managed Services (GMS) maintaining IT infrastructure of corporates & globally present customers is available for demanding IT environments.

    6 Comments
    beohu
    6 April 2020 at 14:52

    Hi,

    I have a question:
    If the switch just process the frame (don’t look at IP layer), so how it can filter the packet by access-list (based on IP address).

     
    WestFarmer
    1 June 2020 at 13:31

    What software used to draw these beautiful charts?

     
    Joanna Chmiel
    25 June 2020 at 13:47

    We’re happy to hear you liked our charts. They’re custom made by our team, including icons. No particular software involved, apart from Powerpoint.

     
    Karthik
    19 June 2021 at 16:37

    Thank you so much for presenting this article, cleared my doubt.

     
    Joanna Chmiel
    25 June 2021 at 11:18

    Great to hear that, Karthik!

     
    Joseph
    29 May 2022 at 18:36

    On a Cisco switch, after a broadcast has taken place and a computer connected to the switch has accepted the frame even though it doesn’t have a destination MAC for this computer that has accepted.

    Question :
    Why did this computer accept this frame and message.
    Is it because of the ip address in the ip packet the frame is holding.

     

    Leave a Reply

    Your email address will not be published. Required fields are marked *


    Cisco Catalyst Switch

    Up to 60% discount for Cisco Catalyst switches portfolio. Get quote for C9200 | C9300 C9400 | C9500 | C3850 family

    Check availability
    Grandmetric