Layer 2 switches and bridges are faster than routers because they don’t need to look at the network layer header information. Switches and bridges just look at the frame’s hardware address (the host’s Media Access Control (MAC) address) and then decide to either forward, flood, or drop the frame. For the most part bridges and switches are the same with switches having mostly replaced bridges (although both are still called bridging technologies).
The few differences between bridges and switches are:
- Bridges use software to create/maintain a filter table and switches use application specific integrated circuits (ASICs) to create/maintain a filter table.
- Switches have more ports than bridges.
- A bridge can have only one spanning tree instance while switches can have many instances.
Bridges/switches break up collision domains but still forward layer 2 broadcasts. They are responsible for three core functions:
1. Address Learning – for each frame received, the source hardware address and the interface the frame arrived on are remembered; this is entered into a MAC database called a forward/filter table.
2. Forward/Filter Decisions – the destination hardware address is looked up in the MAC database to find the correct exit interface; the frame is then forwarded only out this specific interface.
3. Loop Avoidance – in redundant topologies where multiple connections are used between switches, Spanning Tree Protocol (STP) is used to prevent network loops.
When a switch is turned on, the MAC forward/filter table is empty. However, when a host transmits a frame to an interface, the switch places the frame’s source address in the MAC forward/filter table. The switch will now remember the interface the host is located on. Unfortunately, the switch does not know which port the destination host is on so it must flood the frame out all ports except the port the frame was received on; this is called a layer 2 broadcast.
Now, if another host machine responds to the flooded frame by sending back a frame, the switch will place the source address of the frame along with the interface the frame is received on in the MAC database. The next time the hosts attempt to communicate with each other, the switch will already know where the hosts are and there will be no need to flood the frame out all ports again. Simply put, the switch will make a direct connection between the hosts by using the MAC database (frame filtering). Both MAC addresses and their corresponding interfaces will be stored in the database and if the host machines don’t communicate with each other within a set amount of time, the information will be flushed from the database. You can look at the MAC address table on a Cisco switch with the “show mac address-table” command.
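The learning, forwarding, flooding, and aging behavior described above can be modeled in a few lines. This is an added example, not code from a switch vendor or from the original post; the class name, port numbers, MAC addresses, and the 300-second aging value are assumptions chosen for illustration.

```python
# Added illustration: a minimal learning switch (address learning,
# forward/flood/drop decisions, entry aging). All names are hypothetical.
BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningSwitch:
    def __init__(self, ports, aging_seconds=300):
        self.ports = list(ports)
        self.aging_seconds = aging_seconds   # assumed timeout value
        self.table = {}                      # MAC -> (port, last_seen)

    def _expire(self, now):
        # Flush entries whose host has been silent longer than the aging time.
        stale = [m for m, (_, seen) in self.table.items()
                 if now - seen > self.aging_seconds]
        for mac in stale:
            del self.table[mac]

    def receive(self, in_port, src, dst, now):
        """Process one frame; return (action, list of egress ports)."""
        self._expire(now)
        # Address learning: remember (or refresh) where the source lives.
        self.table[src] = (in_port, now)
        entry = self.table.get(dst)
        if dst == BROADCAST or entry is None:
            # Unknown destination or broadcast: flood out every other port.
            return "flood", [p for p in self.ports if p != in_port]
        out_port = entry[0]
        if out_port == in_port:
            # Destination sits on the segment the frame came from: filter it.
            return "drop", []
        return "forward", [out_port]

def demo():
    # Constructed sample traffic: host A on port 1, host B on port 3.
    sw = LearningSwitch(ports=[1, 2, 3, 4])
    a, b = "00:00:00:00:00:0a", "00:00:00:00:00:0b"
    return [
        sw.receive(1, a, b, now=0),     # table empty -> flood
        sw.receive(3, b, a, now=1),     # A already learned -> forward to 1
        sw.receive(1, a, b, now=2),     # B learned -> forward to 3
        sw.receive(1, a, b, now=400),   # entries aged out -> flood again
    ]

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The last frame in the demo is flooded again because both hosts were silent longer than the aging time, so their entries were flushed before the lookup.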
In this blog I have discussed the basics of layer 2 switching and the address learning and forward/filter functions performed by the switch. Layer 2 switches also have the task of preventing layer 2 loops within the network. Loops can occur if there is more than one link connecting switches. Multiple links are often used for redundancy purposes but can have the unwanted side effect of creating a network loop, since now there is more than one path that can lead to the same host; what essentially occurs is a nasty mess called a broadcast storm. A broadcast storm will lead to slowness of your network and eventually a painful death by bandwidth strangulation. In very large networks it can also be a headache to determine the source of such a loop. To prevent this nightmare from ever occurring, switches can take advantage of Spanning Tree Protocol (STP). I will leave the discussion of STP and its behavior for a future blog.
Just one last note – broadcasts, multicasts, and slow convergence of STP can cause latency as your network grows; this is where routers can help segment the network and make your network more efficient. There should be a balance between the size of your network and the number of routers used to help segment the network. Of course, routers or a layer 3 device will be needed when you get into routing between different networks.