Overview of Layer 2 Switching

CCNA 200-301

CCNP Enterprise

CCNP Security

CCIE Enterprise Lab

CCIE Security Lab

CCNP Service Provider

CCNP Data Center

CCNP Collaboration

CCIE DC Lab

2019-09-27

Layer 2 switching (or data link layer switching) is the process of dividing the network using the MAC address of the device on the LAN. The switch and the bridge are used for the second layer exchange. They break up a larger collision domain into a plurality of smaller collision domains.

In a typical LAN, all hosts are connected to a central device. In that past, the device is typically a hub. But the hub has a number of disadvantages, such as not knowing the traffic through them, creating a large collision domain, and the like. To overcome some of the problems of the hub, a bridge is created. They are better than hubs because they create multiple conflict domains, but the number of ports is limited. Eventually, the switch was created and is still widely used. The switch has more ports than the bridge to check incoming traffic and make corresponding forwarding decisions. Each port on the switch is a separate collision domain.

Here is an example of the typical LAN network used today – the switch serves as a central device that connects all devices together:

Differences between hubs and switches

To better understand the concept of packet switching based on device hardware addresses, you need to understand the difference between switches and hubs.

First, consider the example of a LAN, with all hosts connecting to a hub:

As mentioned earlier, the hub only creates a collision domain, so the chance of a collision is high. The hub described above is only a signal that repeatedly receives all of the ports except the port from which the signal is received, so packet filtering is not performed. Imagine if there are 20 hosts connected to the hub, a packet will be sent to 19 hosts, not just one! This can also lead to security problems, as an attacker can capture all traffic on the network.

Now consider the way the switches work. We have the same topology as above, only this we are using a switch instead of a hub.

The switch increases the number of collision domains. Each port is a collision domain, which means there is little chance of a collision. The switch knows which device is connected to which port and forwards the frame based on the target MAC address contained in the frame. This reduces traffic on the LAN and enhances security.

How switches work

Each network card has a unique identifier called Media Access Control (MAC) address. This address is used in LAN for communication between devices on the same network segment. Devices that want to communicate the need to know each others’ MAC addresses before sending packets. They use a process called ARP (Address Resolution Protocol) to find the MAC address of another device. When the hardware address of the target host is known, the sending host has all the information needed to communicate with the remote host.

To better understand the concept of ARP, let’s take a look at the following example:

It is assumed that host a wants to communicate with host b for the first time. The host A knows the IP address of the host B, but since this is the first communication of the two hosts, the hardware (MAC) address is not known. Host A uses the ARP process to find the MAC address of host B. The switch forwards the ARP request to all ports other than the ports that host A is connected to. The host b receives the arp request and responds with its mac address. Host B also learns the MAC.

The address of host A (because host A sends its MAC address in the ARP request). The switch will know which MAC addresses are associated with which port. For example, because host B responds with an ARP response that contains its MAC address, the switch knows the MAC address of host B and stores the address in its MAC address table. As with host A, the switch knows the MAC address of host A because of the ARP request.

Now, when host A sends packets to host B, the switch will look up in its MAC address table and only forward the frame to port Fa0/1(port to which host B is connected). Other hosts in the network will not be involved in communications:

You can display the MAC address table of the switch by using the show mac-address-table command:

Note: if you have been interested in the Layer 2 Switching technology, and you can follow SPOTO. We will update various technique articles on Cisco certification exams.