What
is a Switch?
A switch is one of crucial
network devices, used to build LAN’s. We connect the workstations, Servers,
printers, VoIP phones and other end devices… etc. to the switches to build the
LAN’s (example shown below). Switches come in 8 ports, 16 ports, 24 ports, 32
ports, 40 ports and 48 ports.
A pic of 48 port Switch is shown below:
Cisco
Catalyst WS-C2960 1
Below shown is an example
of a Switch connecting the Workstations, Servers, VoIP phones and Printers.
This is how the switch is
used to make LAN's. Now the connected devices will be capable to communicate
each other.
How
switches work?
Now let’s understand how the switch helps
the connected devices to communicate each other.
Switches
use the MAC-addresses of the devices to forward the frames to them. For example
if a device-A is connected to port1 of a switch, then that switch will save the
MAC address of the device-A and it maps/associates that MAC address to its port1.
Like
this, the switches will store MAC addresses of the devices connected to them
and their respective ports in a tabular format this table is called as CAM
table (Content Addressable Memory Table). With the help of this CAM table switches
forward the frames between devices.
I just configured the IP address on the workstations
and connected them to the switch ports as shown above. (PC1 to Fa0/1port, PC2
to Fa0/2port and so on…)
Initially
the switch doesn’t know the MAC address of the any of the connected devices; it
means the CAM table of the switch will be empty.
Let’s take a look at the CAM table of Switch0:
Command: “show
mac-address-table” can be executed in
privilege-exec and user-exec mode to see the MAC table of a switch.
Now let’s ping Workstation4
(192.168.1.4) from Workstation2 (192.168.1.2). Then the switch should develop
its CAM table mapping the MAC of Workstation4 (0001.963C.E146) to Fa0/4 port
and the MAC of Workstation2 (0001.4248.5B9E) to Fa0/2 port. Let’s check it out.
Pinging 192.168.1.4 (Wstation4) from 192.168.1.2 (Wstation2):
So both the PC’s were
able to talk to each other. Now let’s check out the CAM/MAC table of our
switch0:
The output shows that the MAC of Workstation4 (0001.963C.E146) is mapped to Fa0/4.
And the MAC of Workstation2 (0001.4248.5B9E) is mapped to
Fa0/2.This is how the builds it’s CAM (Content Addressable
Memory) table & enables the communication between devices connected to it.
The CAM table is refreshed for every 300 seconds; it
means the MAC addresses which are inactive for 300 seconds will be removed from
the MAC table.
In our example if Wstation2 has not
communicated to any device for 300 second’s then the switch will remove the MAC
address of Wstation2 from its CAM table.
Now
question that arises is: how the switch learned the MAC addresses of Wstation2
and Wstation4.
How
switch learns MAC addresses:
Forwarding:
Here we need to understand how the
switch learned the MAC address of the Wstation2 & Wstation4. (In other
words we need to understand how switch came to know that Wstation2 is connected
to Fa0/2 port & Wstation4 is connected to Fa0/4 port). For this first we
need to understand the basic functions of a switch.
Functions
of a Switch:
There are three functions for any
switch:
1.
Learning
2.
Forwarding
3.
Removing layer2
loops (Will discuss it later, while learning STP)
For now let us just learn about the
first two functions: Learning & Forwarding.
Learning:
Whenever
a switch receives a frame on one of its ports, it first examines the source
MAC-address in that frame and checks whether the source MAC is already present
in its CAM table.
Now
here there are two probabilities:
- The CAM table doesn’t have an entry for the source MAC address
- The CAM table have an entry for the source MAC address
Now let’s see how the switch deals in
both the situations:
CAM table doesn’t have an entry for
the source MAC address:
Whenever
a switch doesn’t finds a MAC address received in a frame, in its MAC table. It
will make an entry for that MAC with the port associated to it (nothing but
mapping that MAC address to the port on which the frame is received).
CAM table have an entry for the source
MAC address:
If
an entry for a MAC address is found in its CAM table, then switch will examine:
to which port the MAC address is associated/mapped with. Now the switch will be
again left with two probabilities:
1.
The MAC address is
mapped to the port on which the present frame is received
2.
The MAC address is
mapped to some other port which is different from the port on which the present
frame is received
Let’s see what happens:
MAC address is mapped to the port on
which the present frame is received:
In
this case, since the MAC address in the CAM table is associated or mapped to
the same port, on which the frame is received. The switch will just reset the
aging timer on this port. (Remember that the default aging time for a MAC entry
is 300 seconds)
MAC address is mapped to some other
port:
In
this case, since the MAC address in the CAM table is associated to different
port from which the frame is received. The switch will rewrite the MAC entry
with the new port and resets the timer for the new port.
Till
here we have seen how the switch learns the MAC addresses & develops its
CAM table by using the Source MAC address from the incoming frames.
Now let’s see how the switch forwards
the frame to the destination devices:
Now the second function of the switch
is to forward the frame to the correct destination device. The destination MAC
address is also present in the frame that is received by the switch.
Let’s see how it does the forwarding part:
Whenever
a switch has to forward a frame to a destination, there are two probabilities:
1.
The destination MAC
address is present in the CAM/MAC table
2.
The destination MAC
address is not present in the CAM/MAC table
Let’s check out what happens in both
the situations:
Destination MAC address is present in
the CAM/MAC table:
The
switch has found that the destination MAC in the CAM table, then it just
forward the frame to the port to which the destination MAC address is
associated with.
Destination mac address is not present
in the cam/mac table:
Imagine
a situation where you & your friend went to a museum and your friend is
missing, then what you’ll do to find him. Mostly we will shout his aloud, so
that he listens to our voice and replies back “Hey I’m here dude”. Observer
that when you are shouting your friends name it is not only that your friend is
able to listen your shout but also all the crowd over there, right.
Similarly
whenever a switch doesn’t know where the destination MAC address is present, it
will flood the frame to all of its
active ports except the source port, this process is called Flooding.
Now
all of the connected devices receive this frame, process the frame and they compare
the destination MAC address in the frame to their own MAC address, whichever
the device’s MAC matches to the address in the frame, that device will reply
back to the source machine.
Now
this reply frame is received by the switch, then the switch will perform its
learning function again on this reply frame and maps the device to that
respective port, so that next time it won’t need to shout/flood for this
device. (But remember that the switch will remove this entry if the device won’t
communicate to other device for 300 seconds).
This
is how the switch uses its learning & forwarding functions to forward
frames between the devices connected to it.
PRACTICAL
Observation:
Let’s apply the above theory
step-by-step on our example. When we tried pinging Wstation4 from Wstation2:
1. At first, the Wstation2 generated a frame with the below fields.
For
now don’t bother about how the Wstation2 know the MAC of Wstation4. (We need to understand ARP for this, so
forgot about it now and just concentrate on
the switch operation. If you know ARP that is
well & good)
2. The switch receives
this frame through its Fa0/2 port. (Don’t worry about the pic here)
Now the switch perform its learning
function, it will check whether the SRC MAC: 0001.4248.5B9E is present in its
CAM table or not. Here it comes to know that this MAC address doesn’t exists in
its table, so it will store the Source MAC on Fa0/2 port, as shown below. (If
the switch has the MAC address already on the same port then it will refresh
the timer on that port to 0 seconds)
3. Now the switch will have to perfom its forwarding function. So it will
check whether the DEST MAC is present or not, since it is not there in its
CAM table. Now the switch will flood
the frame to all of its active ports except the source port.
4. Each of the devices that received this frame will compare the DEST
MAC address to their own MAC address. Since DEST MAC matches only with
Wstation4 it accepts the frame and will reply back to the Wstation2 and
all other will ignore this frame.
The destination MAC field is now containing the MAC of Wstation2 and the SRC MAC is containing the MAC of Wstation4 because Wstation4 is replying to the Wstation2, so the source is Wstation4 and the destination is Wstation2.
##Remember
that the switch is learning the MAC addresses only from the incoming frames not
from the outgoing frames##
7. Now the duty of the switch is to forward this frame to the DEST MAC:0001.4248.5B9E
(Wstation2), so it will again checks its CAM table and finds that the DEST
MAC is on the port Fa0/2, then it forwards it to Fa0/2 and the Wstation2
will receive this frame.
8. This is how the switch learns the MAC address and builds its CAM
table inorder to enable the connected devices communicate effectively.
The next post will be
one more LAB for understanding the working of the switch more practically.
