Meet the Network's Traffic Director
Switches are the workhorses of modern networks. Like a smart bus driver who remembers where every passenger lives and takes the most efficient routes, switches learn device locations and forward traffic intelligently. Understanding switches is crucial for any network professional.
Chapter Goals: Understand switch operation, master MAC address learning, configure basic switch settings, and troubleshoot common switching issues!
What is a Network Switch?
A network switch is a Layer 2 device that forwards Ethernet frames based on MAC addresses. Think of it as an intelligent traffic director for your local network.
Switch vs Hub (The Evolution)
Hub (Obsolete)
- Operation: Repeats all data to all ports
- Collision Domain: All ports share one domain
- Bandwidth: Shared among all devices
- Intelligence: None - just repeats signals
- Duplex: Half-duplex only
- Security: All devices see all traffic
Switch (Modern)
- Operation: Learns and forwards intelligently
- Collision Domain: Each port is a separate domain
- Bandwidth: Dedicated per port
- Intelligence: Maintains MAC address table
- Duplex: Full-duplex capable
- Security: Known unicast traffic goes only to the intended recipient's port
Key Switch Benefits
- Collision Domain Separation: Each switch port creates its own collision domain, eliminating collisions
- Dedicated Bandwidth: Each port gets full bandwidth (100Mbps, 1Gbps, etc.)
- Intelligent Forwarding: Only sends frames to intended recipients, reducing network congestion
- Full Duplex: Simultaneous send and receive, effectively doubling throughput
How Switches Learn - The MAC Address Table
Switches maintain a MAC address table (also called CAM table) to track device locations. This is like a bus driver's mental map of where each passenger lives.
The Learning Process
1. Frame Arrives: Switch receives an Ethernet frame on a port
2. Learn Source MAC: Records source MAC address and incoming port in table
3. Check Destination: Looks up destination MAC in the table
4. Forward Decision: Forwards to specific port or floods if unknown
MAC Address Table Example
| MAC Address | Port | Age (seconds) |
| --- | --- | --- |
| 00:1B:44:11:3A:B7 | Fa0/1 | 45 |
| 00:50:56:C0:00:08 | Fa0/5 | 12 |
| AA:BB:CC:DD:EE:FF | Fa0/12 | 156 |
Memory Trick: Switches learn source addresses (where frames come FROM) to know where to send frames TO later.
Frame Forwarding Decisions
When a switch receives a frame, it makes one of three decisions based on the destination MAC address:
1. Forward (Unicast)
- Condition: Destination MAC address is in the table and on a different port
- Action: Forward frame only to the specific destination port
- Benefit: Efficient - doesn't waste bandwidth on other ports
2. Filter (Drop)
- Condition: Destination MAC address is in the table on the same port as source
- Action: Drop the frame (devices on same port can communicate directly)
- Benefit: Prevents unnecessary traffic from leaving the collision domain
3. Flood
- Condition: Destination MAC address is unknown, broadcast, or multicast
- Action: Send frame to all ports except the source port
- Downside: Creates traffic on all segments, but necessary for discovery
Frame Processing Example
Scenario: PC-A (port 1) sends to PC-B (port 3)
1. Frame arrives on Port 1 with Source: MAC-A, Destination: MAC-B
2. Switch learns "MAC-A is on Port 1" (if not already known)
3. Switch looks up MAC-B in table
4. If MAC-B is on Port 3: Forward to Port 3 only. If MAC-B is unknown: Flood to all ports except Port 1
MAC Address Aging
MAC address table entries don't last forever. Switches use aging to keep tables current and prevent them from filling up.
Aging Process
- Default Timer: 300 seconds (5 minutes) - configurable
- Refresh Mechanism: Every time a frame is received from a MAC, its timer resets to 0
- Aging Out: If no frames from a MAC for 300 seconds, entry is removed
- Why Necessary: Devices move, get unplugged, or change ports - table must stay accurate
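The learning, forwarding and aging rules described above, modelled in Python as an added example (not code from the original page or from any switch vendor). The class name, port numbers and timestamps are assumptions made for illustration; the 300-second aging default and the sample MAC addresses come from the page.

```python
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"
AGING_SECONDS = 300  # default aging timer stated on the page

@dataclass
class Switch:  # hypothetical model, not vendor code
    ports: list
    aging: int = AGING_SECONDS
    table: dict = field(default_factory=dict)  # mac -> (port, last_seen)

    def expire(self, now):
        """Drop entries not refreshed within the aging time."""
        for mac in [m for m, (_, seen) in self.table.items()
                    if now - seen >= self.aging]:
            del self.table[mac]

    def receive(self, in_port, src, dst, now):
        """Process one frame and return (decision, output_ports)."""
        self.expire(now)
        src, dst = src.lower(), dst.lower()
        # Learn: source MAC -> ingress port; seeing it again resets its age.
        self.table[src] = (in_port, now)
        # Broadcast and multicast have the group bit set in the first octet.
        is_group = int(dst.split(":")[0], 16) & 1
        entry = self.table.get(dst)
        if is_group or entry is None:
            return "flood", [p for p in self.ports if p != in_port]
        if entry[0] == in_port:
            return "filter", []  # destination sits behind the ingress port
        return "forward", [entry[0]]

def demo():
    """Replay constructed frames (timestamps in seconds) through the model."""
    a, b, c = "00:1B:44:11:3A:B7", "00:50:56:C0:00:08", "AA:BB:CC:DD:EE:FF"
    sw = Switch(ports=[1, 2, 3])
    return [
        sw.receive(1, a, b, now=0),          # B unknown: flood
        sw.receive(3, b, a, now=1),          # A learned on port 1: forward
        sw.receive(1, c, a, now=2),          # A and C share port 1: filter
        sw.receive(1, a, BROADCAST, now=3),  # broadcast: flood
        sw.receive(1, a, b, now=301),        # B idle 300 s, aged out: flood
    ]

if __name__ == "__main__":
    for decision, ports in demo():
        print(decision, ports)
```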
MAC Table Management Commands
Switch# show mac address-table
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
   1    0050.56c0.0008    DYNAMIC     Fa0/5
   1    001b.4411.3ab7    DYNAMIC     Fa0/1
Total Mac Addresses for this criterion: 2
Switch# clear mac address-table dynamic
% All dynamic entries will be deleted
Basic Switch Configuration
Initial Switch Setup
Switch> enable
Switch# configure terminal
Switch(config)# hostname SW1
SW1(config)# enable secret cisco123
SW1(config)# line console 0
SW1(config-line)# password console123
SW1(config-line)# login
SW1(config-line)# exit
Management IP Configuration
SW1(config)# interface vlan 1
SW1(config-if)# ip address 192.168.1.10 255.255.255.0
SW1(config-if)# no shutdown
SW1(config-if)# exit
SW1(config)# ip default-gateway 192.168.1.1
SW1(config)# end
SW1# copy running-config startup-config
Interface Configuration
- interface fastethernet 0/1: Enter interface configuration mode for a specific port
- description "Server Connection": Add descriptive text to identify the interface purpose
- speed 100: Force interface speed (10, 100, 1000, or auto)
- duplex full: Set duplex mode (half, full, or auto)
- shutdown: Administratively disable the port
- no shutdown: Enable the port (default state)
Switch Monitoring & Verification
Essential Show Commands
- show mac address-table: Display learned MAC addresses and their ports
- show interfaces: Detailed statistics for all interfaces
- show interfaces fastethernet 0/1: Detailed stats for specific interface
- show ip interface brief: Quick summary of all interfaces
- show interfaces status: Port status, VLAN, duplex, speed information
- show version: Switch model, IOS version, uptime, memory
Interface Status Indicators
- Up/Up: Physical and logical link working
- Up/Down: Physical OK, but no Layer 2 protocol
- Down/Down: No physical connection detected
- Admin Down: Port disabled by shutdown command
Interface Statistics to Monitor
- Input/Output Packets: Total frames processed - should be increasing with activity
- Input/Output Errors: Should be 0 or very low - high errors indicate problems
- CRC Errors: Frames with checksum errors - indicates bad cables or EMI
- Collisions: Should be 0 on modern full-duplex links
- Runts/Giants: Frames too small/large - indicates configuration issues
Common Switch Problems & Solutions
Port Issues
Port Shows Down/Down
Physical layer problem
Troubleshooting Steps:
1. Check cable connections (both ends)
2. Try different cable
3. Check if port is shutdown
4. Verify device on other end is powered
Slow Network Performance
Users complaining about speed
Check These Issues:
1. Duplex mismatch (half vs full)
2. Speed mismatch (10/100/1000)
3. High error rates on interfaces
4. Broadcast storms or loops
Intermittent Connectivity
Connection works sometimes
Potential Causes:
1. Loose cable connections
2. Overheating switch
3. Power supply issues
4. MAC address flapping
Duplex Mismatch Problems
One of the most common and hardest to diagnose switch issues:
- Symptom: Slow performance, high collision counts, intermittent connectivity
- Cause: One end configured for half-duplex, other end for full-duplex
- Detection: show interfaces - look for collisions on full-duplex interfaces
- Solution: Configure both ends the same: duplex auto or manually match settings
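The detection step above, scripted as an added Python example (not part of the original page): it parses `show interfaces` text and flags ports whose collision or CRC counters are nonzero. The sample output is constructed and abridged, and the function names and note wording are assumptions.

```python
import re

# Constructed, abridged `show interfaces` output (not captured from a device).
SAMPLE_OUTPUT = """\
FastEthernet0/1 is up, line protocol is up (connected)
  Full-duplex, 100Mb/s, media type is 10/100BaseTX
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 output errors, 0 collisions, 1 interface resets
FastEthernet0/2 is up, line protocol is up (connected)
  Half-duplex, 100Mb/s, media type is 10/100BaseTX
     57 input errors, 57 CRC, 0 frame, 0 overrun, 0 ignored
     0 output errors, 214 collisions, 3 interface resets
"""
HEADER = re.compile(r"^(\S+) is .+, line protocol is (?:up|down)")
DUPLEX = re.compile(r"^\s+(Full|Half|Auto)-duplex")
COUNTER = re.compile(r"(\d+) (CRC|collisions)\b")

def parse_show_interfaces(text):
    """Return {interface: {"duplex", "CRC", "collisions"}} from the output."""
    stats, cur = {}, None
    for line in text.splitlines():
        header = HEADER.match(line)
        if header:
            cur = stats.setdefault(
                header.group(1), {"duplex": None, "CRC": 0, "collisions": 0})
        elif cur is not None:
            duplex = DUPLEX.match(line)
            if duplex:
                cur["duplex"] = duplex.group(1).lower()
            for value, name in COUNTER.findall(line):
                cur[name] = int(value)
    return stats

def flag_interfaces(text):
    """Return {interface: [notes]} for ports with collisions or CRC errors."""
    findings = {}
    for name, s in parse_show_interfaces(text).items():
        notes = []
        if s["collisions"]:
            notes.append(f"{s['collisions']} collisions ({s['duplex']}-duplex): "
                         "compare duplex on both ends")
        if s["CRC"]:
            notes.append(f"{s['CRC']} CRC errors: check cabling and EMI")
        if notes:
            findings[name] = notes
    return findings

if __name__ == "__main__":
    print(flag_interfaces(SAMPLE_OUTPUT))
```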
Port Security Basics
Port security allows you to control which devices can connect to switch ports, preventing unauthorized access.
Port Security Features
- MAC Address Limiting: Restrict how many MAC addresses can be learned on a port
- Static MAC Assignment: Manually specify which MAC addresses are allowed
- Violation Actions: Define what happens when security is violated (shutdown, restrict, protect)
Basic Port Security Configuration
SW1(config)# interface fastethernet 0/5
SW1(config-if)# switchport mode access
SW1(config-if)# switchport port-security
SW1(config-if)# switchport port-security maximum 2
SW1(config-if)# switchport port-security violation shutdown
SW1(config-if)# switchport port-security mac-address sticky
Violation Actions Explained
- Shutdown (Default): Disables the port when violation occurs - most secure
- Restrict: Drops violating frames but keeps port up - logs violations
- Protect: Drops violating frames silently - no logging
Broadcast Domains vs Collision Domains
Understanding these concepts is crucial for network design and troubleshooting.
Collision Domains
- Definition: Network segment where collisions can occur when two devices transmit simultaneously
- Hub Behavior: All ports share one collision domain
- Switch Behavior: Each port creates separate collision domain
- Modern Reality: Full-duplex eliminates collisions entirely
Broadcast Domains
- Definition: Network segment where broadcast frames are propagated
- Switch Behavior: All ports in same VLAN share broadcast domain
- Router Behavior: Routers separate broadcast domains
- Impact: Large broadcast domains can cause performance issues
Domain Comparison Example
24-port switch with all ports in default VLAN:
- 24 Collision Domains: Each port separate
- 1 Broadcast Domain: All ports together
Hands-On Labs
Lab 1: MAC Address Learning Observation
- Setup: Connect 3 PCs to a switch in Packet Tracer
- Baseline: Check MAC table: show mac address-table
- Generate Traffic:
  - PC1 ping PC2
  - PC2 ping PC3
  - Check MAC table after each ping
- Observe: Watch how switch learns MAC addresses
- Clear Table: clear mac address-table dynamic
- Repeat: Generate traffic again and watch relearning
Lab 2: Basic Switch Configuration
- Access Console: Connect to switch console
- Basic Setup:
  - Set hostname to "Lab-SW1"
  - Configure enable password
  - Set console password
- Management IP:
  - Configure VLAN 1 with IP 192.168.1.50/24
  - Set default gateway 192.168.1.1
  - Test connectivity with ping
- Port Configuration:
  - Add descriptions to active ports
  - Practice shutdown/no shutdown
Lab 3: Interface Monitoring
- Monitor Commands:
  - show interfaces status - port summary
  - show ip interface brief - quick overview
  - show interfaces fa0/1 - detailed port stats
- Generate Traffic: Ping between connected devices
- Watch Counters: Run show commands again, observe changes
- Error Simulation:
  - Unplug cable, check status
  - Shutdown port, observe admin down status
Lab 4: Troubleshooting Challenge
Scenario: Create these problems and practice fixing them:
- Shutdown a port and diagnose "no connectivity"
- Force speed mismatch and observe performance impact
- Configure duplex mismatch and identify symptoms
- Use wrong cable type and troubleshoot
Pro Challenge: Set up a network where PC-A can ping PC-B but not PC-C. Use switch configuration and observation to determine why.
Chapter Summary
- Switch Function: Layer 2 device that forwards based on MAC addresses
- Learning Process: Maintains MAC table by learning source addresses
- Forwarding Decisions: Forward, filter, or flood based on destination MAC
- Collision Domains: Each port creates separate collision domain
- Full Duplex: Simultaneous send/receive eliminates collisions
- Configuration: Hostname, passwords, management IP, interface settings
- Monitoring: MAC table, interface stats, status verification
- Troubleshooting: Common issues like duplex mismatches, cable problems
Switching Mastery! You now understand how modern Ethernet networks operate at Layer 2. Switches are the foundation of every LAN.
Switching Fundamentals Quiz
1. How does a switch learn MAC addresses? By examining source MAC addresses of incoming frames and associating them with the receiving port
2. What happens when a switch receives a frame with unknown destination MAC? It floods the frame to all ports except the source port
3. What's the default MAC address aging time? 300 seconds (5 minutes)
4. What command shows the switch MAC address table? show mac address-table
5. What does "Up/Down" interface status mean? Physical layer is up but no Layer 2 protocol communication
6. What's a common cause of slow performance on switches? Duplex mismatch - one side half-duplex, other side full-duplex
7. How many collision domains does a 24-port switch create? 24 collision domains - each port is a separate collision domain
8. What's the difference between a hub and switch? Hubs share bandwidth and collision domains; switches provide dedicated bandwidth and separate collision domains per port
Fantastic! You've mastered switching fundamentals. Ready to learn how VLANs create logical network separation?