Tutorials » switching » Understanding How Ethernet Switches Work
New Batch Starts on 16th Oct.
Module: Network Fundamentals (L2 L3 Protocol Testing)
Timing: 07:00 AM to 08:00 AM IST (Weekdays) Sign Up Now !

Understanding How Ethernet Switches Work

An Overview of Mac Learning, Flooding, Collision and Broadcast Domain in Ethernet Switches

This tutorial answers key interview questions about Ethernet switching to help you understand the Ethernet switch and the layer 2 frame forwarding process. You will learn how the switch works, why it is better than hubs, and important concepts like VLAN, VLAN tagging, and the differences between Layer 2 and Layer 3 switches. By the end, you will have a clear understanding of the Ethernet switch and its role in building efficient and reliable local area networks (LANs).

Table of Contents

What is an Ethernet switch?

An Ethernet switch interconnects devices like computers, printers, servers, routers, and modems to create a local area network (LAN). We also call them network switches or LAN switches. They provide full duplex, collision-free communication between the devices connected to them.

There are two types of switches: Layer 2 (L2) switches and Layer 3 (L3) switches. L2 switches use MAC addresses to make forwarding decisions, so we consider them Layer 2 devices. L3 switches, or multilayer switches, use both MAC and IP addresses to forward traffic, so we consider them Layer 3 devices

How does an Ethernet switch work?

An Ethernet switch (or network switch) learns the MAC addresses of connected devices and creates a MAC table. When a switch receives a frame, it checks the destination MAC address and looks up the MAC table to determine which interface the MAC is connected to. The switch then forwards the frame directly to that port. Switches create a unidirectional temporary path from the source port to the destination port to forward frames.

Diagram illustrating a Switch using a MAC table to forward an incoming frame to the correct port
Switch forwarding a frame using the MAC address table

What Are the Differences Between Switches and Hubs?

Hubs also connect network devices to set up a LAN, but they flood all the frames they receive, disturbing all connected devices. Hubs do not act as intelligent devices; they only forward frames to all connected devices. On the other hand, switches act as intelligent devices. They learn the MAC addresses of connected devices and create a MAC table. Switches base forwarding decisions on the destination MAC address in the frame. Therefore, switches unicast the frame directly to the destination without disturbing other connected devices.

Image showing a hub flooding all frames to all ports, and a switch sending frames directly to the destination using MAC addresses
Flooding in Hub Vs Unicasting in Switch

Cases When a Switch Will Flood a Frame:

A switch floods a frame in three cases:

1. When the destination MAC address is an unknown unicast: If a switch receives a frame with a destination MAC address that is not in its MAC table, it does not know which port to send the frame to. To ensure the frame reaches its intended recipient, the switch floods the frame out of all its ports except the one it received it on. Once the destination device replies, the switch learns its MAC address and updates the MAC table.

2. When the destination MAC address is a broadcast: The broadcast MAC address (FF:FF:FF:FF) indicates that the frame is intended for all devices on the network. When a switch encounters a broadcast address, it floods the frame out of all ports to ensure every connected device receives the broadcasted data.

3. When the destination MAC address is a multicast: Multicast addresses are used to deliver frames to a specific group of devices. By default, the switch does not know where the group members are connected, so it floods the frame out of all ports

What is a collision domain?

A collision domain consists of a network segment where data frames can collide when multiple devices transmit simultaneously. In Ethernet networks using half-duplex communication, devices share the same communication medium, such as a segment of a coaxial cable or a hub, which leads to potential collisions. When two devices transmit data at the same time, their signals interfere with each other, causing a collision. In contrast, modern Ethernet networks using full-duplex communication, such as switches connected by twisted pair cables, eliminate collision domains for each port. Full-duplex communication allows devices to transmit and receive data simultaneously on dedicated pairs of wires, eliminating the possibility of collisions and improving overall network efficiency

What is a broadcast domain?

In computer networking, a broadcast domain refers to a segment of a network where broadcast messages can reach all devices. When devices send broadcast messages, such as ARP requests or DHCP requests, these messages reach all devices within that specific broadcast domain. By default, switches include all ports in the same broadcast domain. This means that when any device connected to the switch sends broadcast messages, the switch forwards these messages to all other devices connected to any port on the switch. This can lead to network congestion if there are many broadcast-intensive applications or devices. To manage broadcast traffic more effectively, switches often use VLANs (Virtual Local Area Networks) to create separate broadcast domains. Devices within the same VLAN can communicate with each other directly, reducing the scope of broadcast messages and improving network efficiency.

What is a tagged port or trunk port?

A tagged port or trunk port is a port that connects one switch to another switch. When one switch forwards a frame to another, it includes VLAN information. This process is called VLAN tagging. We call the port that performs VLAN tagging a tagged port.

What is an untagged port or an access port?

An untagged port, or access port, connects to an end device like a computer, printer, or router. The switch does not add a VLAN tag when it sends a frame out of an untagged port.

Image showing tagged ports and untagged ports on switches
Tagged Ports and Untagged Ports

Difference Between a Layer 3 Switch and A Layer 2 Switch

Layer 2 switches can use only MAC addresses to make the forwarding decision, while Layer 3 switches combine the capabilities of traditional Layer 2 switches with routing functionalities found in routers. They can route data between different VLANs and subnets, simplifying network design and reducing the need for separate routers. This integration enhances network efficiency and facilitates faster data transfer across complex networks.

Next >>> Understanding VLANs, Tagging Process, and Configuration

Previous >>> OSPF Configuration Example 1: Adjacency Formation

Further Reading : Cisco Switches

Courses:

Protocol Testing Course

We’d love to hear your feedback and suggestions about this article. Feel free to reach out to us using the WhatsApp number below.

Sajith Achipra has been a trainer and testing consultant at Zframez Technologies since 2009. With 15+ years of experience, he specializes in networking, Python, development, and testing. He conducts online courses to help students and professionals enhance their skills. You can reach him on WhatsApp at +91 8884 884 844 for your training and testing requirements.