CCNAX 200-120

Switching Services

Unlike bridges that use software to create and manage a filter table, switches use application-specific integrated circuits (ASICs) to build and maintain their filter tables. But it's still okay to think of a layer 2 switch as a multiport bridge because their basic reason for being is the same: to break up collision domains. Layer 2 switches and bridges are faster than routers because they don't take up time looking at the Network layer header information. Instead, they look at the frame's hardware addresses before deciding to either forward the frame or drop it.

Switches create private dedicated collision domains and provide independent bandwidth on each port, unlike hubs. The following picture shows five hosts connected to a switch, all running 100Mbps half-duplex to the server. Unlike a hub, each host has 100Mbps dedicated communication to the server.

Switched Network

Layer 2 switching provides the following:

  • Hardware-based bridging (ASIC)
  • Wire speed
  • Low latency
  • Low cost

What makes layer 2 switching so efficient is that no modification to the data packet takes place. The device only reads the frame encapsulating the packet, which makes the switching process considerably faster and less error-prone than routing processes are. And if you use layer 2 switching for both workgroup connectivity and network segmentation (breaking up collision domains), you can create a flatter network design with more network segments than you can with traditional routed networks. Plus, layer 2 switching increases bandwidth for each user because, again, each connection (interface) into the switch is its own collision domain. This feature makes it possible for you to connect multiple devices to each interface.

Limitations of Layer 2 Switching

Since we commonly stick layer 2 switching into the same category as bridged networks, we also tend to think it has the same hang-ups and issues that bridged networks do. Keep in mind that bridges are good and helpful things if we design the network correctly, keeping their features as well as their limitations in mind. And to design well with bridges, the two most important considerations are:

  • We absolutely must break up the collision domains correctly.
  • The right way to create a functional bridged network is to make sure that its users spend 80 percent of their time on the local segment.

Bridged networks break up collision domains, but the network is still one large broadcast domain. Neither layer 2 switches nor bridges break up broadcast domains by default, something that not only limits your network's size and growth potential, but can also reduce its overall performance. Broadcasts and multicasts, along with the slow convergence time of spanning trees, can give you some major grief as your network grows. These are the big reasons why layer 2 switches and bridges cannot completely replace routers (layer 3 devices) in the internetwork.

LAN switches forward Ethernet frames; they just have to decide when to forward them and when not to. Most switch logic relates somehow to the source and destination MAC addresses inside the Ethernet frame headers of the frames sent through the LAN. Switch logic is also dependent on the type of MAC addresses used. So, a brief review of Ethernet addresses can help shed some light on how LAN switches work.

The IEEE defines three general categories of MAC addresses on Ethernet:

  • Unicast addresses: A MAC address that identifies a single LAN interface card. Today, most cards use the MAC address that is burned into the card.
  • Broadcast addresses: The most often used IEEE group MAC address, the broadcast address, has a value of FFFF.FFFF.FFFF (in hexadecimal notation). The broadcast address implies that all devices on the LAN should receive and process a frame sent to the broadcast address.
  • Multicast addresses: Frames sent to unicast addresses are destined for a single device; frames sent to a broadcast address are sent to all devices on the LAN. Frames sent to multicast addresses are meant for all devices that care to receive the frame, meaning that all devices might receive the frame, none, or some number in between. Some applications need to communicate with multiple other devices. By sending one frame, all the devices that care about receiving the data sent by that application can process the data, and the rest can ignore it.

With these reminders of the three types of Ethernet MAC addresses, you can appreciate the logic used by a LAN switch. A switch listens for frames that enter all its interfaces. After receiving a frame, a switch decides whether to forward the frame and, if so, out which port(s). Switches basically perform three tasks:

  • Learning: The switch learns MAC addresses by examining the source MAC address of each frame it receives. By learning, the switch can make good forwarding choices in the future.
  • Forwarding or filtering: The switch decides when to forward a frame or when to filter (not forward) it based on the destination MAC address. The switch looks at the previously learned MAC addresses in an address table to decide where to forward the frames.
  • Loop prevention: The switch creates a loop-free environment with other bridges by using Spanning Tree Protocol (STP). Having physically redundant links helps LAN availability, and STP prevents the switch logic from letting frames loop around the network indefinitely, congesting the LAN.

The third task, loop prevention, is performed using STP, which is covered in depth in the next chapter.
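The first two tasks, learning and forwarding/filtering, can be modelled in a few lines. This is an added example, not code from the original notes; the port names and MAC addresses are constructed, and flooding of unknown unicast, broadcast, and multicast frames is standard transparent-bridge behavior assumed here rather than stated in the text above.

```python
# Added example: minimal model of a layer 2 switch's learning and
# forwarding/filtering decisions. Port names and MACs are constructed.
BROADCAST = "ffff.ffff.ffff"

def normalize(mac):
    """Return 12 lowercase hex digits from Cisco dotted or colon notation."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return digits

def classify(mac):
    """Classify a MAC address as unicast, multicast, or broadcast."""
    digits = normalize(mac)
    if digits == "f" * 12:
        return "broadcast"
    # The low-order bit of the first octet marks a group (multicast) address.
    return "multicast" if int(digits[:2], 16) & 1 else "unicast"

class Switch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}  # learned MAC address -> port it was last seen on

    def receive(self, in_port, src, dst):
        """Learn the source MAC, then return the ports the frame goes out."""
        src, dst_key = normalize(src), normalize(dst)
        if classify(src) == "unicast":      # learning: source MAC -> ingress port
            self.table[src] = in_port
        others = [p for p in self.ports if p != in_port]
        if classify(dst) != "unicast":
            return others                   # broadcast/multicast: flood (assumed)
        out = self.table.get(dst_key)
        if out is None:
            return others                   # unknown unicast: flood (assumed)
        if out == in_port:
            return []                       # destination on same port: filter
        return [out]                        # known unicast: forward out one port

def demo():
    sw = Switch(["Fa0/1", "Fa0/2", "Fa0/3"])
    a, b, c = "0200.1111.1111", "0200.2222.2222", "0200.3333.3333"
    return [
        sw.receive("Fa0/1", a, b),          # B not yet learned: flood
        sw.receive("Fa0/2", b, a),          # A was learned: forward to Fa0/1
        sw.receive("Fa0/1", a, b),          # B now learned: forward to Fa0/2
        sw.receive("Fa0/1", c, a),          # C shares A's port: filter
        sw.receive("Fa0/3", "0200.4444.4444", BROADCAST),  # broadcast: flood
    ]
```

Calling `demo()` returns the egress port list for each frame in order, which shows the table filling in as sources are learned.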