Understanding Ethernet Switching Technology in One Article

Labs Guide

Currently, most campus networks are networked using switches. Network management using switches is very flexible, and virtual local area networks (VLANs) can be created according to the needs of the same department or with the same management requirements. So how do switches in the campus exchange data packets? How are different departments isolated?

Part 01: Ethernet Basics

1.1 MAC address

MAC address, also known as physical address, is the address assigned by the manufacturer to the network card. MAC address is unique, just like each of us has an ID number to identify ourselves, the network card uses MAC address to identify itself. A MAC address has 48 bits and is generally represented in hexadecimal. The figure shows the representation of MAC address:

1.2 Ethernet frame format

The frames used by Ethernet technology are called Ethernet frames, or Ethernet frames for short. Ethernet frames generally use the Ethernet Ⅱ format. The following figure shows an Ethernet frame in Ethernet Ⅱ format:

(1) Destination MAC address: This field indicates the receiver of the frame, which can be a unicast address, a multicast address, or a broadcast address.

(2) Source MAC address: This field indicates the sender of the frame. The source MAC address can only be a unicast MAC address.

(3) Type: Indicates the type of payload data. This field is 2 bytes. If it is an IPv4 packet, it is 0x0800.

(4) Payload data: represents the effective load of the data frame, and its length is variable.

(5) CRC field: Cyclic redundancy check, which is used to perform error detection on the frame.

Part 02: Ethernet Switch

2.1 Switch forwarding operation

The switch has a MAC address table, and the switch forwards frames based on this table. There are generally three types of forwarding operations for switches: forwarding, discarding, and flooding. Forwarding means forwarding a frame from another interface after receiving it; discarding means discarding a frame after receiving it and not forwarding it; flooding means forwarding a frame received from a certain interface through all other interfaces. The following figure shows the three forwarding methods of a switch:

Figure 4 Switch flooding operation

2.2 Switch forwarding process

As mentioned above, the switch forwards frames based on the MAC address table. At the beginning, the MAC address table of the switch is empty. The switch can automatically build a MAC address table based on the source MAC address of the received frame. As shown in the figure, PC1 sends a frame x to PC2. When the frame reaches the switch, the switch will add a mapping entry of the source MAC address and the corresponding interface in the MAC address table. The switch will search the MAC address table for the interface corresponding to the destination MAC of the frame. If it is found in the MAC address table, it will forward it. If it is not found, the switch will flood the frame x. When PC3 receives this frame, it will discard it. After receiving this frame, PC2 will respond with a frame y with the source MAC being PC2's MAC address and the destination address being PC1's MAC address. After receiving it, the switch will query the MAC address table. At this time, it will find the interface corresponding to the MAC and then forward it from this interface. At the same time, a mapping entry of PC2's MAC address and the corresponding interface will be added to the MAC address table.

Part 03, Vlan

3.1 What is VLAN

A switch is a broadcast domain, and all ports of the entire switch belong to the same broadcast domain. Usually a broadcast domain is a logical subnet. When there are multiple switches in a network, the network will become very large. At this time, the devices in the network may be consumed by a large number of broadcast resources, and it is impossible to flexibly plan the network structure according to business needs. Virtual local area network (VLAN) can solve the above problems. By assigning the ports of the switch to a specific VLAN, the broadcast domain can be isolated. Different VLANs are different broadcast domains. Even if the IP addresses of the PCs in two VLANs are in the same network segment, they cannot communicate. Different VLANs cannot perform Layer 2 intercommunication. VLANs can be flexibly planned according to business needs. As shown in the figure, PC1, PC2, and PC3 belong to VLAN 1, and PC4, PC5, and PC6 belong to VLAN 2. When PC1 sends a frame x, the switch cannot find the MAC address table at first and performs flooding. At this time, only PC2 and PC3 in the same VLAN can receive this frame. The same is true for frame y sent by PC4.

3.2 VLAN Division

In a network that supports VLANs, the frames sent by computers are untagged frames. When the frames reach the switch, the switch will classify them into a VLAN based on the division method. Generally, there are four main division methods:

• Vlan based on interface division: Map the Vlan id to the physical interface of the switch. The data frames sent by the PC are untagged and will be divided into the Vlan indicated by the vlan id of the interface.
• VLAN based on MAC address: Determine which VLAN the data frame belongs to by querying and recording the MAC address of the network card of the PC connected to the port.
• Subnet-based VLAN: The VLAN to which the port belongs is determined by the IP address of the connected computer.
• User-based VLAN: The VLAN to which the port belongs is determined based on the currently logged-in user on the computer connected to each port of the switch.

3.3 Switch interface types

The Layer 2 interfaces of common switches are generally divided into the following three types: access, trunk, and hybrid. The access interface and trunk interface are commonly used. The following introduces the access and trunk port types respectively through the processing of Vlan tags:

(1) Access: Usually used for direct connection to terminals, often used to connect PCs, servers or other terminals. Switches and routers are generally connected using Access. Access interfaces can only join one VLAN. Once joined to a specific VLAN, the device connected to the interface also joins the VLAN. By default, it joins VLAN 1. When receiving data, if the Access interface receives untagged data, it will add the VLAN ID of this interface for reception. If it is tagged data, it will compare the VLAN ID of the tag data with the VLAN ID of this interface to see if they are consistent. If they are consistent, it will be received, otherwise it will be discarded. When sending data, it will first compare the VLAN ID of the data to be sent. If it is consistent with the VLAN ID of this interface, the tag will be stripped and sent in untag form; if it is inconsistent with the VLAN ID of this interface, it will not be sent. As shown in the following figure: A, B, C, and D belong to VLAN 1, and E, F, H, and G belong to VLAN 2. Computer A sends a frame to D. It enters the switch interface and adds the VLAN 1 tag. It goes out of the interface and removes the VLAN 1 tag. Frames sent and received by computers do not carry VLAN tags.

(2) Trunk: When a link needs to carry information from multiple VLANs, a trunk is used to implement this. Trunks are generally used between switches or between switches and firewalls. Trunk ports can belong to multiple VLANs. When receiving untagged data, the trunk interface will add the VLAN ID of the interface to receive it. If it is tagged data, it will first check whether the interface list contains the VLAN ID. If so, it will receive it, otherwise it will discard it. When sending data, it will first check the interface list. If the VLAN ID of the data to be sent is in the list, it will be allowed to send, otherwise it will not be sent from this interface. Secondly, if the data is allowed to be sent, it will compare whether the tag of the data to be sent is consistent with the VLAN ID of the interface. If they are consistent, untagged data will be sent, otherwise tagged data will be sent. As shown in the following figure: A, B, C, and D belong to VLAN 1, and E, F, H, and G belong to VLAN 2. They are connected to two switches respectively. Computer C sends a frame to D. It is tagged with VLAN 1 when it enters the switch interface, and still carries the VLAN tag when it goes out of the trunk interface.

Part 04. Summary

In summary, the Layer 2 switch mainly forwards data frames through MAC addresses. Using switches to build network management is very flexible and can increase network throughput. By using VLAN technology to isolate broadcast domains, it can reduce resource loss caused by a large number of broadcasts and filter some messages that do not need to be forwarded.