Switching and Bridging
In this Study Guide we'll begin our look at Layer 2 switching concepts. This includes a look
at how switches impact network communication, and how they make forwarding decisions.
Switching and Bridging Concepts
Any look at network switching concepts will
ultimately lead to a discussion about network bridging, and vice versa. At the end of
the day, the roles played by a bridge and a switch are more or less identical - they
help to break a network up into a number of smaller collision domains. Recall from
earlier in the series that a collision domain is simply a group of computers amongst
which data collisions can occur. For example, when connecting systems using a hub, all
systems are considered to be part of the same collision domain, since the hub will
simply forward data out all ports, with no regard for where the actual destination
host is located.
The difference between a bridge and a switch is not very
difficult to comprehend. Bridges came on the network scene first, providing a way to
break up a single large collision domain into a number of smaller collision domains.
The bridging "logic" was usually implemented in software. In contrast, switches are
basically an evolution of bridges - they implement their logic in hardware, and
typically have a much higher port density than a bridge does. While you may still come
across bridges on a network today, they are not nearly as common as they once were,
given that switches tend to be much faster and have dropped significantly in price
over the last 5 years. For all intents and purposes, beyond the differences that I
just mentioned, you can use the words "bridge" and "switch" interchangeably. The
concepts relating to their communication processes are basically identical.
Take a look at the diagram below. In it, all computers are connected to a hub, and as
such, are part of the same collision domain. Collisions are obviously a bad thing,
since when they occur, systems must resend their data, which leads to
less-than-optimal throughput. Because of the shared nature of Ethernet networks, when
systems are plugged into a hub, they can only communicate in half-duplex. As such,
only one system can be transmitting or receiving data at any given point in time.
In the past, in order to make better use of the network
and reduce the number of collisions, companies would implement a network bridge. The
purpose of the bridge was to segment the network in a number of smaller collision
domains, as shown below. The bridge doesn't have any magical qualities. Its job was
simply to help ensure that the "scope" of collisions was made smaller. In the diagram
shown below, data from Computer1 and Computer2 is still capable of colliding. However,
data sent from Computer1 will never directly collide with data from Computer3, since
the two are in different collision domains. All computers in the diagram below are
still in the same broadcast domain, as we'll discuss shortly.
The reason for the reduction in collisions when a bridge
is implemented is the intelligent nature of a bridge. Unlike a hub, a bridge is
capable of making decisions on whether or not to forward a frame based on its
destination MAC address. Because it makes decisions based on MAC addressing, a bridge
is known as a Data Link layer or Layer 2 device.
Consider the diagram below, in which the bridge breaks the network up into 3
collision domains. The job of the bridge is to learn about which systems are connected
on each collision domain, and then store this information in its bridging table. The
learning process occurs as the bridge encounters traffic, and uses the source MAC
address of frames to determine from which interface a given system can be reached. In
this case, as network traffic occurs, the bridge will learn that Computers 1 and 2 are
accessible via interface A, Computers 3 and 4 via interface B, and Computers 5 and 6
via interface C. All of this information is gathered by the bridge inspecting the
source addresses of the frames that it comes into contact with.
In this case, the bridging table would look something like
the table shown below, with the exception that the table would contain MAC addresses
instead of the Computer names.
MAC Address | Interface
Computer 1 | A
Computer 2 | A
Computer 3 | B
Computer 4 | B
Computer 5 | C
Computer 6 | C
How this information is used is the key. When
Computer1 attempts to communicate with Computer2, the bridge (via interface A) will
also see these frames. The bridge's job is to decide whether frames that it encounters
should be forwarded or not. In this case, it will look at the destination MAC address
in the frame. Seeing that the destination MAC address is listed as being part of the
collision domain connected to interface A, it will not forward the frame. Two things
have now happened - the bridge has made an intelligent decision, and that decision has
helped to reduce the amount of traffic that needs to be passed to the collision
domains connected to interfaces B and C. Since Computers 1 and 2 are in the same
collision domain, there is no good reason to burden other collision domains with this
unnecessary traffic.
However, let's say that Computer1 now wants to communicate
with Computer3, who is in a different collision domain. In this case, when the bridge
encounters the frame, it will look up the destination MAC address in its forwarding
table. In doing this, it will discover that Computer3 can be reached from interface B.
The bridge will forward this frame out interface B only, thus allowing it to reach
Computer3. In this case, the bridge helped to ensure that traffic was not also
forwarded to the collision domain connected to interface C, again helping to reduce
network traffic.
It should already be starting to become apparent as to how a
bridge makes a network more efficient by acting as a type of traffic filtering device.
However, there are a couple of things that you must keep in mind. The first is the
impact of broadcast traffic. On an Ethernet network, the destination address of a
frame may be FF-FF-FF-FF-FF-FF, otherwise known as the broadcast address. In other
words, this frame is meant to be seen by all hosts. As such, a bridge will always
forward broadcast traffic to all connected interfaces. The reason? A bridge breaks up
a network into smaller collision domains, but all computers are still part of the same
broadcast domain. Just remember that a bridge will always forward broadcasts out all
of its interfaces except for the one on which the broadcast originated (since it has
obviously already been seen by hosts in that collision domain).
Besides
broadcast traffic, a bridge will always forward all frames destined for unknown (to
the bridge) MAC addresses. For example, imagine if Computer7 was just turned on in the
collision domain connected to bridge interface C. The bridge doesn't yet know it,
since it may not have transmitted any traffic. In this case, let's assume that
Computer1 is attempting to communicate with Computer7. When the bridge encounters the
frame on interface A, it will check its bridging table and see that it doesn't yet
have an entry for the destination MAC address. As such, it will forward the frame out
each of its interfaces, with the exception of the one on which the frame arrived.
Ultimately Computer7 will respond, giving the bridge a chance to add it to its
bridging table, and helping to ensure that subsequent frames are not needlessly
forwarded to each interface. Remember that a bridge will always forward all frames
with "unknown" destination MAC addresses to all connected interfaces, besides the one
the transmission originated on.
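The learn, filter, forward and flood rules described above can be traced with a small simulation. This is an added example, not part of the original study guide; the class name, the action labels and the MAC addresses standing in for Computer1 through Computer7 are constructed for illustration.

```python
BROADCAST = "FF-FF-FF-FF-FF-FF"

class LearningBridge:
    """Minimal transparent bridge: learn from source MAC, decide on destination MAC."""

    def __init__(self, interfaces):
        self.interfaces = list(interfaces)
        self.table = {}  # bridging table: MAC address -> interface

    def receive(self, in_if, src, dst):
        """Process one frame; return (action, list of egress interfaces)."""
        # Learning: the source address shows which interface reaches that host.
        self.table[src.upper()] = in_if
        dst = dst.upper()
        others = sorted(i for i in self.interfaces if i != in_if)
        if dst == BROADCAST:
            return ("flood-broadcast", others)  # same broadcast domain
        out_if = self.table.get(dst)
        if out_if is None:
            return ("flood-unknown", others)    # destination not learned yet
        if out_if == in_if:
            return ("filter", [])               # same collision domain
        return ("forward", [out_if])            # one known interface only

# Constructed MAC addresses standing in for the page's Computer1..Computer7.
MAC = {n: "02-00-00-00-00-%02X" % n for n in range(1, 8)}

def demo():
    bridge = LearningBridge(["A", "B", "C"])
    frames = [  # (ingress interface, source computer, destination computer)
        ("A", 1, BROADCAST),  # Computer1 broadcasts; bridge learns 1 -> A
        ("A", 2, 1),          # Computer2 -> Computer1: filtered
        ("B", 3, 1),          # Computer3 -> Computer1: forwarded out A
        ("A", 1, 3),          # Computer1 -> Computer3: forwarded out B only
        ("A", 1, 7),          # Computer7 unknown: flooded out B and C
        ("C", 7, 1),          # Computer7 replies; bridge learns 7 -> C
        ("A", 1, 7),          # now forwarded out C only
    ]
    results = []
    for in_if, src, dst in frames:
        dst_mac = dst if dst == BROADCAST else MAC[dst]
        results.append(bridge.receive(in_if, MAC[src], dst_mac))
    return bridge, results

if __name__ == "__main__":
    bridge, results = demo()
    for action, out in results:
        print(action, out)
    print(bridge.table)
```
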
In the example that we just looked at, our
bridge has 3 interfaces, thus connecting three collision domains. One limitation of
bridges is that they typically supported no more than 16 interfaces, and the bridging
logic was implemented in software. In contrast, a switch implements its switching
logic in hardware (via Application Specific Integrated Circuits, or ASICs), and is
typically capable of supporting much higher port densities.
When you think of a
switch, simply consider it to be a faster bridge with more ports. Each and every port
on a switch represents a collision domain. For example, a 10-port switch provides 10
collision domains.
Like a bridge, a switch also has a bridging/forwarding (or
MAC address) table. In this case, each port has only a single computer connected. As
such, each collision domain is made up of only one system - without multiple systems
in a collision domain, collisions cannot occur. This is part of the reason why
companies have migrated to switches from hubs - the lack of collisions allows full
access to bandwidth, as well as the ability for connected systems to communicate in
full-duplex.
However, it is also possible to plug a hub into a switch.
Consider the example below, where a hub is plugged into port 3 on the switch. The 4
computers plugged into the hub can only communicate in half duplex, and are all part
of the same collision domain. Once the bridging table on the switch has been updated,
the MAC addresses of all 4 computers will be shown as being accessible via port 3. If
you've ever wondered why the MAC address tables in many switches are rated to support
up to 1000 or more MAC addresses, this is the reason - it is possible that many levels
of hubs ultimately terminate on the same switch port.
The operation of the switch is almost identical to that of a
bridge. The MAC address table of a switch is built by inspecting the source MAC
address of frames. Forwarding decisions are made using the destination address of
frames. When the switch receives a frame, it looks at the destination MAC address and
then forwards it out only the port associated with that MAC address. Like a bridge, a
switch will always forward all broadcasts and frames with unknown destinations to every
port, with the exception of the port on which the transmission originated.
It is exceptionally important to recognize the impact of a switch in the network
communication process. When only a single system is connected to each and every switch
port, not only is each collision domain made up of only one system, but full-duplex
communication also becomes possible. In other words, if three systems were connected
at 10 Mbps, and a server was connected at 100 Mbps, all three clients could both send
and receive a full 10 Mbps of traffic to the server simultaneously. This is a huge
step up from a hub, where the basic bandwidth (say 10 Mbps) would be shared amongst
all four systems, half-duplex, with collisions probably a very regular occurrence.
Because of this, many people consider a switch to be a magic box, and in a way it is -
I can't think of a single way to squeeze dramatically better performance out of a
network than by replacing all hubs with switches.
Next we'll take a look at the
different switching methods available on a Cisco router and how they compare, as well
as a look at the Spanning Tree Protocol, which isn't nearly as difficult to understand
as you might think.