How Does a Switch Work?

It just forwards frames. That’s it.

Yes, the above statement is totally correct. A switch’s main function is forwarding frames between its ports. In this article, we will look more deeply into this functionality and learn how a switch does this!

Learn from scratch

When you attach 2 computers to a switch and want to reach one computer from the other, with correct IP addressing of course, you will probably succeed. Nearly all switches work out of the box and you don’t need to configure anything on them. You just plug in the power cord, connect the computers and that’s it. It works! Like magic, right?

However, when your network starts expanding and becomes more complex, you must understand how a switch works and how to configure it. This is essential to deploy and operate complex and agile networks. This perspective is not only necessary for switching environments; it is required for all of the environments that you manage and operate.

You sent a ping. What happens then?

After you type the IP address of the remote host and send the request, your source computer encapsulates it according to the OSI model and sends it onto the link. How a client computer encapsulates a frame is a different story, and you can read about it here. (coming soon)

When the encapsulated packet reaches the switchport, the switch does the following checks:

  • MTU check to ensure that the packet size is not bigger than the interface MTU
  • FCS verification to discard corrupted packets. This depends on the forwarding algorithm.

When the packet passes the above checkpoints, the switch tries to determine where it should forward this packet. There are some different behaviours here, so let’s look at them.

Is Destination MAC known?

Switches forward frames based on destination MACs. But how do they learn MACs, and what does a switch do if it doesn’t know where the packet must be forwarded?

High Level Logic of a Switch

  • A packet arrives at a switchport
  • The switch checks the destination MAC address of the packet
  • It looks in its CAM Table, formerly known as the MAC Table
  • If it finds the destination MAC address in the table, it forwards that frame to the related interface
  • If it doesn’t see the DMAC in its CAM, it forwards the packet to all interfaces, except the interface the packet came in on.

Figure: Destination MAC not in CAM Table. The switch floods the packet out to all interfaces.

Now, MAC Address is learned

Switches learn MAC addresses from the Source MAC Address field of frames. When a packet arrives at a switchport, the switch populates a MAC + interface binding in its CAM Table.

Based on the information above, when a switch floods a packet out to all interfaces and the remote host replies to that packet, the switch learns the destination computer’s MAC address and interface number and creates an entry in its CAM Table. The second time a client wants to reach the same destination computer, the switch will not flood the packet to all interfaces. It simply looks in its CAM Table, finds the MAC + interface binding and transmits the packet out of the related interface.

Figure: Destination MAC in CAM Table. The switch forwards the packet only to Bob.

The MAC address table has an aging time. When the timer for a MAC address reaches its maximum, that address is deleted from the CAM Table.

Figure: output of show mac address-table aging-time, showing the default aging time for Cisco switches.

Extra Step: VLAN Scope

We looked at the behaviour of a switch and understood how it forwards frames. Now let’s go further and understand this concept with VLAN usage.

Cisco switches come with VLAN 1, and this is the default VLAN. It is not possible to delete it or shut it down. For security purposes, you should remove it from every switchport and not use it anywhere in your network.

Even after you remove VLAN 1 from all switchports and native VLANs, it still works behind the scenes between control-plane protocols.

Let’s re-create our list here with VLANs

  • A packet arrives at a switchport
  • The switch checks the destination MAC address of the packet
  • It looks in its CAM Table, formerly known as the MAC Table, only for the VLAN the packet came in on.
  • If it finds the destination MAC address in the table, it forwards that frame to the related interface
  • If it doesn’t see the DMAC in its CAM, it forwards the packet to all interfaces that belong to the same VLAN as the source interface, except the interface the packet came in on.

Figure: output of show mac address-table, showing the MAC address table with VLAN + MAC + interface bindings.
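
The learn, look up, flood and age-out steps described above can be traced in a small simulation. This is an added example, not code from the article or from any switch vendor; the class name, port names, MAC addresses and the 300-second aging value are constructed assumptions.

```python
# Added example: minimal VLAN-aware learning switch (simulation only).
# Port names, MACs and the 300 s aging time are constructed assumptions.
class LearningSwitch:
    def __init__(self, port_vlans, aging_time=300):
        self.port_vlans = port_vlans   # port -> access VLAN
        self.aging_time = aging_time   # seconds an idle entry is kept
        self.cam = {}                  # (vlan, mac) -> (port, last_seen)

    def _expire(self, now):
        # Delete entries whose aging timer has reached the maximum.
        stale = [k for k, (_, seen) in self.cam.items()
                 if now - seen >= self.aging_time]
        for key in stale:
            del self.cam[key]

    def receive(self, in_port, src_mac, dst_mac, now):
        """Process one frame and return the sorted list of egress ports."""
        vlan = self.port_vlans[in_port]
        self._expire(now)
        # Learn: bind the source MAC to the ingress port inside this VLAN.
        self.cam[(vlan, src_mac)] = (in_port, now)
        # Look up the destination MAC only in the VLAN the frame came in on.
        entry = self.cam.get((vlan, dst_mac))
        if entry is not None:
            out_port = entry[0]
            # A frame whose destination sits on the ingress port is not sent back.
            return [] if out_port == in_port else [out_port]
        # Unknown destination: flood to same-VLAN ports except the ingress port.
        return sorted(p for p, v in self.port_vlans.items()
                      if v == vlan and p != in_port)

    def table(self):
        return {key: port for key, (port, _) in self.cam.items()}

def demo():
    ports = {"Gi0/1": 10, "Gi0/2": 10, "Gi0/3": 10, "Gi0/4": 20}
    sw = LearningSwitch(ports, aging_time=300)
    alice, bob = "aa:aa:aa:aa:aa:aa", "bb:bb:bb:bb:bb:bb"
    results = [
        sw.receive("Gi0/1", alice, bob, now=0),    # Bob unknown: flood VLAN 10
        sw.receive("Gi0/2", bob, alice, now=1),    # reply: Alice already learned
        sw.receive("Gi0/1", alice, bob, now=2),    # Bob now known: one port
        sw.receive("Gi0/1", alice, bob, now=400),  # Bob aged out: flood again
    ]
    return results, sw.table()

if __name__ == "__main__":
    for egress in demo()[0]:
        print(egress)
```

Note that the port in VLAN 20 never appears in a flood list: an unknown destination is only ever flooded inside the VLAN the frame arrived on.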

Let’s Summarize

Switches use MAC Addresses to forward frames between switchports using their CAM/MAC Tables.

I hope it is clear for you and that you now understand one of the most important topics.

Thank you for your time and see you soon!