5-3 The Network Switch
The bridge provides a method for isolating the collision domains for interconnected LANs but lacks the capability to provide a direct data connection for the hosts. The bridge forwards the data traffic to all computers connected to its port. This was shown in Figure 5-2. The networking hub provides a technology for sharing access to the network with all computers connected to its ports in the LAN but lacks the capability to isolate the data traffic and provide a direct data connection from the source to the destination computer. The increase in the number of computers being used in LANs and the increased data traffic are making bridges and hubs of limited use in larger LANs. Basically, there is too much data traffic to be shared by the entire network. What is needed is a networking device that provides a direct data connection between communicating devices. Neither the bridge nor the hub provides a direct data connection for the hosts. A technology developed to improve the efficiency of the data networks and address the need for direct data connections is the layer 2 switch.
The layer 2 switch is an improved network technology that addresses the issue of providing direct data connections, minimizing data collisions, and maximizing the use of a LAN’s bandwidth; in other words, it improves the efficiency of data transfer in the network. The switch operates at layer 2 of the OSI model and therefore uses the MAC or Ethernet address for making decisions for forwarding data packets. The switch monitors data traffic on its ports and collects MAC address information in the same way the bridge does to build a table of MAC addresses for the devices connected to its ports. The switch has multiple ports similar to the hub and can switch in a data connection from any port to any other port, similar to the bridge. This is why the switch is sometimes called a multiport bridge. The switch minimizes traffic congestion and isolates data traffic in the LAN. Figure 5-4 provides an example of a switch being used in a LAN.
FIGURE 5-4 A switch used to interconnect hosts in a LAN.
Figure 5-4 shows a switch being used in the LAN to interconnect the hosts. In this figure, the hub has been replaced with a switch. The change from a hub to a switch is relatively easy. The port connections are the same (RJ-45), and once the connections are changed and the device is powered on, the switch begins to make the direct data connections for multiple ports using layer 2 switching.
The LAN shown in Figure 5-5 contains 14 computers and 2 printers connected to 16 ports on the switch, configured in a star topology. If the computer connected to port 1 is printing a file on the laser printer (port 12), the switch will set up a direct connection between ports 1 and 12. The computer at port 14 could also be communicating with the computer at port 7, and the computer at port 6 could be printing a file on the color printer at port 16. The use of the switch enables simultaneous direct data connections for multiple pairs of hosts connected to the network. Each switch connection provides a link with minimal collisions and therefore maximum use of the LAN’s bandwidth. A link with minimal collisions is possible because only the two computers that established the link will be communicating over the channel. Recall that in the star topology each host has a direct connection to the switch. Therefore, when the link is established between the two hosts, their link is isolated from any other data traffic. However, the exception to this is when broadcast or multicast messages are sent in the LAN. In the case of a broadcast message, the message is sent to all devices connected to the LAN. A multicast message is sent to a specific group of hosts on the network.
FIGURE 5-5 A switch used to interconnect the networking devices in a LAN.
Hub–Switch Comparison
An experiment was set up to test the data handling characteristics of a hub and a switch given the same input instructions. The objective of this experiment was to show that data traffic is isolated with a switch but not with a hub. For this experiment, a LAN using a hub and a LAN using a switch were assembled. The LANs are shown in Figure 5-6(a) and (b). Each LAN contains four computers connected in a star topology. The computers are marked 1–4 for reference. The IP addresses are listed for each host.
FIGURE 5-6 (a) The LAN experiment with a hub; (b) the LAN experiment with a switch.
The Hub Experimental Results
In this experiment, computer 1 pinged computer 3. Computer 2 was used to capture the LAN data traffic using a network protocol analyzer. What are the expected results? Remember, a hub is a multiport repeater, and all data traffic input to the hub is passed on to all hosts connected to its ports. See the Ping Command Review section that follows for a brief review of the use of the ping command.
Ping Command Review
The ping command is used to verify that a network connection exists between two computers. The command format for ping is:
ping [ip address] {for this example ping 10.10.10.3}
After a link is established between the two computers, a series of echo requests and echo replies are issued by the networking devices to test the time it takes for data to pass through the link. The protocol used by the ping command is the Internet Control Message Protocol (ICMP).
The ping command is issued to an IP address; however, delivery of this command to the computer designated by the IP address requires that a MAC address be identified for final delivery. The computer issuing the ping might not know the MAC address of the computer holding the identified IP address (no entry in the ARP cache table); therefore, an ARP request is issued. An ARP request is broadcast to all computers connected in the LAN. The computer that holds the IP address replies with its MAC address, and a direct line of communications is then established.
The data traffic collected by computer 2 when computer 1 pinged computer 3 is provided in Figure 5-7. The first line of the captured data shows the ARP request asking who has the IP address 10.10.10.3. The second line of the captured data shows the reply from 10.10.10.3 with the MAC address of 00-B0-D0-25-BF-48. The next eight lines in the captured data are the series of four echo requests and replies associated with a ping request. Even though computer 2 was not being pinged or replying to the ARP request, the data traffic was still present on computer 2’s hub port. The echo reply is from a Dell network interface card with the last six characters of the MAC address of 25-BF-48. The echo request is coming from a computer with 13-99-2E as the last six hex characters of its MAC address.
FIGURE 5-7 The captured data traffic by computer 2 for the LAN [Figure 5-6(a)] using a hub.
The Switch Experimental Results
The same experiment was repeated for the LAN shown in Figure 5-6(b), this time using a switch to interconnect the computers instead of a hub. This network consists of four computers connected in a star topology using a switch at the center of the network. The ping command was sent from computer 1 to computer 3, ping 10.10.10.3. The ARP cache for computer 1 is empty; therefore, the MAC address for computer 3 is not known by computer 1. An ARP request is issued by computer 1, and computer 3 replies. The series of echo requests and echo replies follow; however, the data traffic captured by computer 2 (Figure 5-8) shows the ARP request asking who has the IP address 10.10.10.3. This is the last of the data communications between computers 1 and 3 seen by computer 2. A direct line of communication between computers 1 and 3 is established by the switch, which prevents computer 2 from seeing the data traffic between computers 1 and 3. The only data traffic seen by computer 2 in this process was the broadcast of the ARP request. This is true for any other hosts in the LAN. The results of this experiment show that the use of the switch substantially reduces data traffic in the LAN, particularly unnecessary data traffic. The experiment shows that the broadcast associated with an ARP request is seen by all computers, but the ARP replies are not, in a LAN using a switch. This is because a direct data connection is established between the two hosts. This experiment used pings and ARPs; however, this same advantage of using a switch is true when transferring files, image downloads, file printing, and so on. The data traffic is isolated from other computers on the LAN. Remember, the switch uses MAC addresses to establish which computers are connected to its ports. The switch then extracts the destination MAC address from the Ethernet data packets to determine to which port to switch the data.
FIGURE 5-8 The data traffic captured by computer 2 for the LAN [Figure 5-6(b)] using a switch.
Managed Switches
A managed switch is simply a network switch that allows the network administrator to monitor, configure, and manage certain network features such as which computers are allowed to access the LAN via the switch. Access to the management features for the switch is password protected so that only the network administrators can gain entry. The following information describes some of the features of the managed interface for a Cisco Catalyst 2900 series switch established using the Cisco Network Assistant (CNA). This software can be downloaded from Cisco and provides an easy way to manage the features of the Cisco switches. (Note: The download requires that you have set up a Cisco user account and password. The Cisco Network Assistant provides for a centralized mode for completing various network administration tasks for switches, routers, and wireless networking equipment.)
The start-up menu for a Cisco Catalyst 2960 switch obtained via the CNA is provided in Figure 5-9. The image is showing the current setup for the switch. The assigned IP address for the switch is 192.168.1.1, and a router and a switch are interconnected with the switch. The steps for setting the IP address for an interface on the switch are presented later in this section.
FIGURE 5-9 The start-up menu of a Cisco Catalyst switch using the Cisco Network Assistant software.
The current connections to the ports on the switch can be viewed by clicking the stacked switch icon at the top of the screen as shown in Figure 5-10. The image of the switch port connections shows ports 1, 2, and 3 are brighter, indicating that there are networking devices connected to the ports. The MAC addresses of the devices connected to the switch ports can be displayed by clicking the MAC address button under the Configure button as shown in Figure 5-11. Four MAC addresses are assigned to port 1, one MAC address is assigned to port 2, and one MAC address is assigned to port 3. Multiple networking devices can be connected to a port if the devices are first connected to another switch or hub and the output of the switch or hub is connected to one switch port. An example showing four devices connected through a hub to port 1 on the switch is shown in Figure 5-12. The output interface information for the MAC Addresses table shows the following information in Figure 5-11:
- FastEthernet 0/1
- FastEthernet 0/2
- FastEthernet 0/3
FIGURE 5-10 The highlighted ports showing the current connections and the location of the stacked switches icon.
FIGURE 5-11 The menu listing the MAC addresses currently connected to the switch.
FIGURE 5-12 An example of a hub connected to a switch port, with four computers connected to the hub.
Notice that the Dynamic Address tab is highlighted. This indicates that this is a listing of the MAC addresses that have been assigned dynamically. Dynamic assignment means that the MAC address was assigned to a port when a host was connected. There is also a tab for Static Addresses. Static addressing indicates that the MAC address has been manually assigned to an interface, and the port assignment does not expire. The Secure tab shows what switch ports have been secured. A secure address means that a MAC address has been assigned to a port, and the port will automatically disable itself if a device with a different MAC address connects to the secured port.
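The three address classes in the MAC address listing (dynamic, static, and secure) and the behavior of a secured port described above can be modeled in a few lines. The following Python model is an added example written for this section; it is not code from the textbook or from Cisco, and the port names, MAC addresses, and the administrator re-enable action are constructed assumptions.

```python
"""Added example (not from the textbook or from Cisco): a model of a managed
switch's MAC address classes, dynamic, static and secure, with the described
behaviour of a secured port: it disables itself when a device with a
different MAC address appears on it.  Port names and MAC addresses are
constructed for this example."""
from dataclasses import dataclass
from typing import Optional


@dataclass
class PortState:
    static_mac: Optional[str] = None    # manually assigned; never expires
    dynamic_mac: Optional[str] = None   # learned when a host connected
    secure_mac: Optional[str] = None    # the one MAC allowed on a secured port
    secured: bool = False
    enabled: bool = True


class ManagedSwitch:
    def __init__(self, port_names):
        self.ports = {name: PortState() for name in port_names}
        self.log = []                   # what an administrator would review

    def set_static(self, port, mac):
        self.ports[port].static_mac = mac

    def secure_port(self, port, mac):
        p = self.ports[port]
        p.secured, p.secure_mac = True, mac

    def reenable(self, port):
        # administrator action (assumed for this model): clear the shutdown
        self.ports[port].enabled = True

    def frame_in(self, port, src_mac):
        """Classify a frame arriving on port by its source MAC.  Returns the
        address class it matched, or 'violation' / 'dropped'."""
        p = self.ports[port]
        if not p.enabled:
            self.log.append(f"{port}: frame from {src_mac} dropped, port disabled")
            return "dropped"
        if p.secured:
            if src_mac != p.secure_mac:
                # a different device on a secured port: the port shuts down
                p.enabled = False
                self.log.append(f"{port}: security violation by {src_mac}, port disabled")
                return "violation"
            return "secure"
        if p.static_mac == src_mac:
            return "static"
        p.dynamic_mac = src_mac         # dynamic assignment on first sight
        return "dynamic"

    def address_table(self):
        """The three tabs of the MAC address view, as (port, MAC) lists."""
        tabs = {"Dynamic": [], "Static": [], "Secure": []}
        for name, p in self.ports.items():
            if p.dynamic_mac:
                tabs["Dynamic"].append((name, p.dynamic_mac))
            if p.static_mac:
                tabs["Static"].append((name, p.static_mac))
            if p.secured and p.secure_mac:
                tabs["Secure"].append((name, p.secure_mac))
        return tabs


if __name__ == "__main__":
    sw = ManagedSwitch(["FastEthernet 0/1", "FastEthernet 0/2"])
    sw.secure_port("FastEthernet 0/2", "02-00-00-00-00-AA")
    for mac in ("02-00-00-00-00-AA", "02-00-00-00-00-BB", "02-00-00-00-00-AA"):
        print("FastEthernet 0/2", mac, "->", sw.frame_in("FastEthernet 0/2", mac))
    print(sw.log)
```

Running the block shows the secured port accept its assigned address, shut down when a second address appears, and then drop even the legitimate device until an administrator re-enables it; the log entries are the kind of event a network administrator would want forwarded to monitoring.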
The FastEthernet 0/1, FastEthernet 0/2, FastEthernet 0/3 notation indicates the [Interface Type Slot#/Interface#] on the switch, and FastEthernet indicates that this interface supports 100Mbps and 10Mbps data rate connections.
The “Aging Time” is listed to be 300 seconds. Aging time is the length of time a MAC address remains assigned to a port. The assignment of the MAC address will be removed if there is no data activity within this time. If the computer with the assigned MAC address initiates new data activity, the aging time counter is restarted, and the MAC address remains assigned to the port. The management window also shows a toggle setting for enabling “Aging.” This toggle is used to turn off the aging counter so that a MAC address assignment on a port never expires.
The IP address on a switch interface can be configured using the Cisco Network Assistant software by clicking Configure > Device Properties > IP Addresses. This opens the IP Addresses menu shown in Figure 5-13. Click the area where the IP address should be entered. This opens a text box for entering the IP address. Enter the IP address and click OK to save the IP address.
FIGURE 5-13 Configuring an IP address on an interface.
The benefits of using a network switch are many in a modern computer network. These benefits include less network congestion, faster data transfers, and excellent manageability. It has been shown that a network switch can be used to replace the network hub, and the advantage is that data traffic within a LAN is isolated. The term for this is isolating the collision domains, which is breaking the network into segments. A segment is a portion of the network where the data traffic from one part of the network is isolated from the other networking devices. A direct benefit of isolating collision domains is that there will be an increase in the data transfer speed and throughput. This is due to the fact that the LAN bandwidth is not being shared and chances of data collisions are minimized. As a result, the LAN will exhibit faster data transfers and latency within the LAN will be significantly reduced. Reduced latency means that the data packets will arrive at the destination more quickly.
Switches learn the MAC addresses of the connected networking devices by extracting the MAC address information from the headers of transmitted Ethernet data packets. The switch will map the extracted MAC address to the port where the data packet came in. This information is stored in Content Addressable Memory (CAM). CAM is a table of MAC address and port mapping used by the switch to identify connected networking devices. The extracted MAC addresses are then used by the switch to map a direct communication between two network devices connected to its ports. The MAC address and port information remain in CAM as long as the device connected to the switch port remains active. A timestamp establishes the time when the mapping of the MAC address to a switch port is established. However, switches limit the amount of time address and port information are stored in CAM. This is called aging time. The mapping information will be deleted from the switch’s CAM if there is no activity during this set time. This technique keeps the mapping information stored in CAM up-to-date.
What happens if the destination MAC address is not stored in CAM? In this case, the packet is transmitted out all switch ports except for the port where the packet was received. This is called flooding.
It has been shown that switches minimize the collision domain due to the fact that a direct switch connection is made between networking devices. However, it is important to remember that switches do not reduce the broadcast domain. In a broadcast domain, any network broadcast sent over the network will be seen by all networking devices in the same network. Broadcasts within a LAN will be passed by switches. Refer to the discussion of Figures 5-7 and 5-8 for an example.
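The CAM learning, aging, and flooding behavior described above, together with the hub-versus-switch experiment of Figures 5-7 and 5-8, can be reproduced with a small model. The following Python is an added example written for this section, not code from the textbook; the MAC addresses, port numbering, and the one-second-per-frame clock are constructed assumptions, and the replayed exchange is the one the experiment describes (one ARP request broadcast, one ARP reply, then four echo request/reply pairs).

```python
"""Added example (not from the textbook): a minimal layer 2 switch model
with a CAM table (learning, aging, flooding of broadcast and unknown
unicast) beside a hub model, replayed over the ARP + ping exchange of the
hub/switch experiment.  MAC addresses and the clock are constructed."""
from dataclasses import dataclass

BROADCAST = "FF-FF-FF-FF-FF-FF"


@dataclass
class Frame:
    src: str
    dst: str
    kind: str                      # descriptive label only, e.g. "ARP request"


class Hub:
    """A multiport repeater: every frame is sent out every other port."""
    def __init__(self, ports):
        self.ports = set(ports)

    def forward(self, in_port, frame, now=0):
        return sorted(self.ports - {in_port})


class Switch:
    """CAM table keyed by MAC -> (port, last_seen); entries age out after
    aging_time seconds without activity from that MAC."""
    def __init__(self, ports, aging_time=300):
        self.ports = set(ports)
        self.aging_time = aging_time
        self.cam = {}

    def _age_out(self, now):
        for mac, (_port, seen) in list(self.cam.items()):
            if now - seen > self.aging_time:
                del self.cam[mac]

    def forward(self, in_port, frame, now=0):
        self._age_out(now)
        # learn: map the source MAC to the ingress port and refresh its timestamp
        self.cam[frame.src] = (in_port, now)
        entry = self.cam.get(frame.dst)
        if frame.dst == BROADCAST or entry is None:
            # broadcast, or destination not in CAM: flood out all ports but ingress
            return sorted(self.ports - {in_port})
        port, _ = entry
        return [] if port == in_port else [port]


# constructed: host n is cabled to port n of the hub or switch
MAC = {1: "02-00-00-00-00-01", 2: "02-00-00-00-00-02",
       3: "02-00-00-00-00-03", 4: "02-00-00-00-00-04"}
PORT_OF = {host: host for host in MAC}


def ping_exchange(src=1, dst=3, count=4):
    """Frames generated when computer 1 pings computer 3 with an empty ARP
    cache: ARP request broadcast, unicast ARP reply, then echo pairs."""
    frames = [(src, Frame(MAC[src], BROADCAST, "ARP request")),
              (dst, Frame(MAC[dst], MAC[src], "ARP reply"))]
    for _ in range(count):
        frames.append((src, Frame(MAC[src], MAC[dst], "echo request")))
        frames.append((dst, Frame(MAC[dst], MAC[src], "echo reply")))
    return frames


def frames_seen_by(device, observer):
    """Replay the exchange through device; return the frame kinds that reach
    the observer's port, i.e. what its protocol analyzer would capture."""
    seen = []
    for t, (sender, frame) in enumerate(ping_exchange()):
        if PORT_OF[observer] in device.forward(PORT_OF[sender], frame, now=t):
            seen.append(frame.kind)
    return seen


def aging_demo(aging_time=300):
    """Returns (entry present right after learning, entry present after the
    aging time has elapsed with no activity from that host)."""
    sw = Switch(ports=[1, 2, 3, 4], aging_time=aging_time)
    sw.forward(1, Frame(MAC[1], BROADCAST, "ARP request"), now=0)
    before = MAC[1] in sw.cam
    sw.forward(4, Frame(MAC[4], BROADCAST, "ARP request"), now=aging_time + 1)
    return before, MAC[1] in sw.cam


if __name__ == "__main__":
    print("hub, computer 2 sees:   ", frames_seen_by(Hub([1, 2, 3, 4]), 2))
    print("switch, computer 2 sees:", frames_seen_by(Switch([1, 2, 3, 4]), 2))
    print("CAM entry before/after aging:", aging_demo())
```

Through the hub model computer 2 captures all ten frames, exactly as in Figure 5-7; through the switch model it captures only the ARP request, as in Figure 5-8, because the ARP reply arrives after the switch has already learned computer 1's port. The aging function shows the CAM entry disappearing once the aging time passes with no traffic from that host, which is why an idle host's next frame is flooded again until the switch relearns it.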
Two modes are used in a switch to forward frames: store-and-forward and cut-through.
Store-and-Forward: In this mode, the entire frame of data is received before any decision is made regarding forwarding the data packet to its destination. There is switch latency in this mode because the destination and source MAC addresses must be extracted from the packet, and the entire packet must be received before it is sent to the destination. The term switch latency is the length of time a data packet takes from the time it enters a switch until it exits. An advantage of the store-and-forward mode is that the switch checks the data packet for errors before it is sent on to the destination. A disadvantage is lengthy data packets will take a longer time before they exit the switch and are sent to the destination.
Cut-Through: In this mode, the data packet is forwarded to the destination as soon as the destination MAC address has been read. This minimizes the switch latency; however, no error detection is provided by the switch. There are two forms of cut-through switching—Fast-Forward and Fragment Free.
- Fast-Forward: This mode offers the minimum switch latency. The received data packet is sent to the destination as soon as the destination MAC address is extracted.
- Fragment-Free: In this mode, fragment collisions are filtered out by the switch. Fragment collisions are collisions that occur within the first 64 bytes of the data packet. Recall from Chapter 1, “Introduction to Computer Networks,” Table 1-1 that the minimum Ethernet data packet size is 64 bytes. The collisions create packets smaller than 64 bytes, which are discarded. Latency is measured from the time the first bit is received until it is transmitted.
Adaptive Cut-Through: This is a combination of the store-and-forward mode and cut-through. The cut-through mode is used until an error threshold (errors in the data packets) has been exceeded. The switch mode changes from cut-through to store-and-forward after the error threshold has been exceeded.
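The four forwarding behaviors above differ in how many bytes a switch reads before it commits to a decision and in whether the frame check sequence is ever examined. The Python below is an added example written for this section, not the textbook's own code: it models frames as destination (6) | source (6) | type (2) | payload | FCS (4, CRC-32 as Ethernet uses) and returns, for each mode, the decision and the number of bytes read before it was made. The 6-byte and 64-byte commit points are the values the text gives; the error threshold value and the assumption that a cut-through switch counts a bad FCS only after the frame has already gone out are constructed for the model.

```python
"""Added example (not from the textbook): store-and-forward, fast-forward,
fragment-free and adaptive cut-through as decision functions over a byte
frame.  Returns (decision, bytes_read_before_decision).  Frames built here
are constructed test data."""
import zlib

MIN_FRAME = 64            # minimum Ethernet frame size from Table 1-1
DST_LEN = 6               # fast-forward decides once the destination MAC is in


def build_frame(dst, src, payload, corrupt=False):
    """dst/src are 6-byte addresses; FCS is CRC-32 over everything before it."""
    body = dst + src + b"\x08\x00" + payload
    frame = body + zlib.crc32(body).to_bytes(4, "big")
    if corrupt:
        # flip one payload bit after the FCS was computed, as line noise would
        damaged = bytearray(frame)
        damaged[20] ^= 0x01
        frame = bytes(damaged)
    return frame


def fcs_ok(frame):
    return zlib.crc32(frame[:-4]).to_bytes(4, "big") == frame[-4:]


def store_and_forward(frame):
    """Whole frame received and checked before any forwarding decision."""
    return ("drop" if not fcs_ok(frame) else "forward", len(frame))


def fast_forward(frame):
    """Commits after the destination MAC; the FCS is never examined."""
    return ("forward", DST_LEN)


def fragment_free(frame):
    """Waits for 64 bytes so collision fragments (runts) are filtered out."""
    if len(frame) < MIN_FRAME:
        return ("drop", len(frame))
    return ("forward", MIN_FRAME)


class AdaptiveCutThrough:
    """Cut-through until more than error_threshold bad frames have been seen,
    then store-and-forward for everything that follows."""
    def __init__(self, error_threshold=3):
        self.threshold = error_threshold
        self.errors = 0
        self.mode = "cut-through"

    def handle(self, frame):
        if self.mode == "store-and-forward":
            return store_and_forward(frame)
        decision = fast_forward(frame)
        # assumption of this model: the FCS is checked after the frame has
        # already been forwarded, so only the error count benefits
        if not fcs_ok(frame):
            self.errors += 1
            if self.errors > self.threshold:
                self.mode = "store-and-forward"
        return decision


if __name__ == "__main__":
    dst, src = b"\x02\x00\x00\x00\x00\x03", b"\x02\x00\x00\x00\x00\x01"
    good = build_frame(dst, src, b"A" * 46)            # exactly 64 bytes
    bad = build_frame(dst, src, b"A" * 46, corrupt=True)
    runt = build_frame(dst, src, b"A" * 10)            # 28 bytes, a fragment
    for name, fn in (("store-and-forward", store_and_forward),
                     ("fast-forward", fast_forward),
                     ("fragment-free", fragment_free)):
        print(name, fn(good), fn(bad), fn(runt))
```

The numbers returned make the trade-off concrete: store-and-forward is the only mode that drops the corrupted frame, but it reads all 64 bytes first; fast-forward commits after 6 bytes and forwards the corrupted frame unchanged; fragment-free catches the 28-byte runt yet still passes the corrupted full-size frame. An adaptive switch lets the bad frames through until its threshold is crossed, at which point the later decisions become store-and-forward decisions.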
Multilayer Switches
Newer switch technologies are available to help further improve the performance of computer networks. The term used to describe these switches is multilayer switches (MLS). An example is a layer 3 switch. Layer 3 switches still work at layer 2 but additionally work at the network layer (layer 3) of the OSI model and use IP addressing for making decisions to route a data packet in the best direction. The major difference is that the packet switching in basic routers is handled by a programmed microprocessor. The layer 3 switch uses application-specific integrated circuit (ASIC) hardware to handle the packet switching. The advantage of using hardware to handle the packet switching is a significant reduction in processing time (software versus hardware). In fact, the processing time of layer 3 switches can be as fast as the input data rate. This is called wire speed routing, where the data packets are processed as fast as they are arriving. Multilayer switches can also work at the upper layers of the OSI model. An example is a layer 4 switch that processes data packets at the transport layer of the OSI model.