A typical campus network consists of different devices, such as routers, switches, and firewalls. Generally, a campus network adopts the multi-layer architecture which includes the access layer, aggregation layer, core layer, and egress layer.
And a switch is the device closest to end-users and is used to connect terminals to the campus network. For example, the devices are marked in yellow in the following figure. Switches at the access layer are typically Layer 2 switches.
A Layer 2 switch works at the second layer of the TCP/IP model which is the data link layer and forwards data packets based on MAC addresses.
Working Principles of Switches
To connect multiple Hosts on the intranet to communicate with each other in the simplest way, a Layer 2 switch is usually used to connect the Hosts, as shown in the following figure.
Host1 and Host2 are connected to the same Layer 2 switch. In this case, the Hosts connected to this switch belong to the same LAN. The Hosts have IP addresses on the same network segment and are in the same broadcast domain. A broadcast domain refers to the flooding scope of a broadcast data frame.
The switch maintains the mapping between MAC addresses and interfaces by learning the Source MAC addresses of Ethernet frames. The table that stores the mapping between MAC addresses and interfaces is called a MAC address table. A MAC address table records the mapping between MAC addresses and interfaces of other devices learned by a switch. When forwarding a frame, the switch looks up the MAC address table based on the destination MAC address of the frame. If the MAC address table contains the entry corresponding to the destination MAC address of the frame, the frame is directly forwarded through the outbound interface in the entry. If the MAC address table does not contain the entry corresponding to the destination MAC address of the frame, the switch floods the frame on all interfaces except the interface that receives the frame.
In the initial state, a switch does not know the MAC address of a connected host. Therefore, the MAC address table is empty.
If host 1 wants to send data to host 2 (assume that host 1 has obtained the IP address and MAC address of host 2), host 1 encapsulates the frame with its own source IP address and source MAC address. After receiving the frame, the switch searches its own MAC address table. If no matching entry is found in the table, the switch considers the frame an unknown unicast frame.
The switch floods the received frame because it is an unknown unicast frame. In addition, the switch records the source MAC address and interface number of the received frame in the MAC address table.
Note that the dynamically learned entries in a MAC address table are not always valid. Each entry has a lifespan. If an entry is not updated within the lifespan, the entry will be deleted. This lifespan is called the aging time. For example, the default aging time of Huawei S series switches is 300s.
All hosts on a broadcast network receive the frame but only host 2 processes the frame because the destination MAC address is the MAC address of host 2. Host 2 sends a reply frame, which is also a unicast data frame, to host 1.
After receiving the unicast frame, the switch checks its MAC address table. If a matching entry is found, the switch forwards the frame through the corresponding interface. In addition, the switch records the source MAC address and interface number of the received frame in the MAC address table
Frame processing behaviors of a switch
A switch processes frames in three ways: flooding, forwarding, and discarding.
l Flooding: The switch forwards the frames received from an interface to all other interfaces.
As shown in this figure:
Scenario 1: Host 1 wants to access host 2 and sends a unicast frame to the switch. After receiving the unicast frame, the switch searches the MAC address table for the destination MAC address of the frame. If the destination MAC address does not exist in the table, the switch floods the frame.
Scenario 2: Host 1 wants to access host 2 but does not know the MAC address of host 2. Host 1 sends an ARP Request packet which is a broadcast frame to the switch. The switch then floods the broadcast frame.
l Forwarding: The switch forwards the frames received from an interface to another interface.
As shown in this figure,host 1 wants to access host 2 and sends a unicast frame to the switch. After receiving the unicast frame, the switch finds the corresponding entry in the MAC address table and forwards the frame in point-to-point mode.
l Discarding: The switch discards the frames received from an interface.
As shown in this figure:
Host 1 wants to access host 2 and sends a unicast frame to switch 1. After receiving the unicast frame, switch 1 searches the MAC address table for the destination MAC address of the frame. If the destination MAC address does not exist in the table, switch 1 floods the frame.
After receiving the frame, switch 2 finds that the interface corresponding to the destination MAC address is the interface that receives the frame. In this case, switch 2 discards the frame.
