3.3 Switching

Let’s start this part on switching by looking at how data units get between devices more generally.

Data units are sent by devices and arrive on the cables plugged into the ports of routers or switches. Each data unit is inspected by the router or the switch to see what the destination is. Then the data unit is sent out via another port, which leads either directly to the destination, or to the next step towards the destination.

All destination devices must have an identifier or address that is unique on that network. This is true for both routing and switching although, as we have seen, they use different kinds of addresses.

Shifting our focus now to switching, this is a local area networking technology. Local area networks have their own standards that define how they work, but the one most commonly used one is Ethernet. You may have also come across the term gigabit Ethernet, which is basically a very fast version of Ethernet. You will find that the term Ethernet is commonly used when talking about local networking technologies – for example you may hear cables connecting devices referred to as Ethernet cables, or frames as Ethernet frames. This means they comply to specific rules defined by the Ethernet family of standards, but these form the basis of pretty much all wired local area networks.

Wi-Fi is the equivalent term for wireless connections and technologies.

The addressing used for devices on Ethernet or local area networks are MAC addresses or a media access control address, sometimes also called a physical or hardware address. You can often find it attached to a label on a piece of equipment, like this.

MAC addresses are unique. There ought to be only one item in the world with a given address.

You will see more about what the numbers and digits of a MAC address represent in a later session. But for the purpose of this session you should just be able to recognise a MAC address as 12 numbers and letters grouped into either six groups of two digits or sometimes three groups of four digits.

In Packet Tracer I can find the MAC address of a device simply using the ipconfigcommand.

This is just a very simple network comprising a switch and two PCs. If I click on one of the devices and open a command prompt, and then at the prompt type ipconfig /all (the ‘all’ parameter gives me more detailed information than using ipconfig on its own), then we can see that the MAC address (here it’s listed as the physical address) is three groups of four digits.

Although a MAC address is called an address, it’s really just a unique label. Calling it an address is a little misleading, because the addresses we use in ordinary life do more than simply identify something uniquely.

For example, here’s a postal address. It indicates a building, and its location. It locates the house in relation to a hierarchy of locations. A hierarchical structure like this makes it easier to reach the destination. Postcodes use a similar structure where part of the postcode identifies the nearest town or city and the rest the local area or street.

You saw earlier that IP addresses identify both the host (or end device) and the network it is on. This means they are hierarchical – like postcodes or postal addresses.

MAC addresses don’t do this. They simply give a device a unique label. This means a separate piece of information needs to be linked to it in order to know where that device is located. For example, a person’s name tells you nothing about their location. An address book does this by associating the name with a location.

In a network, the relevant location information for a device with a MAC address is the switch port that the device is connected to. Together these two pieces of information – the MAC address and the port number – mean that switches can deliver data units (or frames as they are known here) to the correct destination.

Next we’ll take a look at how a switch learns to associate the MAC addresses of different devices on the network with the ports that they are connected to. Remember, this is one of the functions of our home gateway as well as the more complicated larger switches that are used in bigger networks.

This is a very simple network comprising four PCs connected to a switch. PC A1 (which is on the left) is connected to port 4 on the switch. And PC A2 (at the top) is connected to port 1. And so on.

When a switch is first connected to a network, it doesn’t know the MAC address of any device. But it starts to learn the addresses and port numbers as soon as it is powered up and starts receiving frames. It gradually builds a table that associates MAC addresses with port numbers. It then consults the table to forward incoming frames to their correct destinations. So a forwarding table or a MAC address table is like a directory of connected devices and their locations.

One way that a switch starts to construct a table is by looking at arriving frames. This is the layout of an Ethernet frame. The different parts of the frame – or fields as they are sometimes referred to – carry different types of information. The numbers above the names of the fields shown here indicate the size of the field. The data that is actually being transmitted is in the next-to-last field, which is why it is so much bigger than the others. This is also sometimes referred to as the payload.

You don’t need to be concerned with all these fields and what they mean. The ones we are concerned with are the third and fourth fields – these are the destination address and source address. Each of these addresses is a MAC address. The switch reads the source address in an arriving frame and associates it with the port the frame arrived on. These two pieces of information become an entry in the forwarding table.

In the early stages of table construction, a switch is likely to receive frames with a destination address that isn’t in the forwarding table yet. In this case, the switch sends the frame out via all ports except the one it arrived on. So in this example, a frame is sent by PC A1 which arrives at the switch. The switch looks at the frame but doesn’t yet know which port the destination MAC address is associated with – so it sends it to all the other PCs it is connected to. This is called broadcasting. Broadcasting is a key principle of switching, as it ensures that destination addresses are reached even if they are not listed in a switch’s forwarding table.

All the devices shown here are said to be in the same broadcast domain. All computers that are connected to the same switch are members of the same broadcast domain – this means they will receive any frames broadcast by the switch.

Let’s look at something similar in Packet Tracer. So this is very like the previous example – a network with a switch and four PCs connected to it.

I’m going to do my own investigation to figure out what the MAC addresses of each of these PCs are and which ports they are connected to. I’ll then compare this to how the switch discovers the same information for itself.

I’ll start by finding the MAC address of one of the PCs. So if we open a command prompt and type in ipconfig /all, this will give us the MAC address of the first PC, which we can see here. So I’m going to make a note of that address next to the PC itself.

If I repeat the same thing for all the other PCs, then these are the results I get.

So we’ve found the MAC addresses of each of the PCs that are connected to our switch. If I then enable the ports to be shown, I’ll be able to find out which of the ports each of these PCs are connected to.

So we have port 1 over here. And port 2. And so on.

So far, I’ve been showing you how to find out this information manually. But now we’ll see how the switch does this for itself.

So I’m going to use the command-line interface on the switch. This is how we can interact with the switch in the same way the command prompt lets us interact with the PCs.

So if I click on the switch, and go to ‘CLI’ (command-line interface), I’m going to start by typing enable. This command enables a higher-level privilege access to the switch, which is what we are going to need to be able to carry out the next task.

If I then type show mac-address-table it brings up the MAC address table, which you can see at the moment is empty.

So we need to go back to the network and send some packets so that the switch can build up a picture of which PCs are connected to which ports and start to populate the table.

I’ll send some packets from one of the PCs to all the others, and I’m going to do this using the pingcommand and the broadcast address of the network. So if I go to one of the PCs and open a command prompt and then type ping 192.168.0.255 – the broadcast address of the network – we can watch the results of sending these packets.

So it looks like the switch is forwarding these messages on and they are being delivered successfully.

So having done that, I’m now going to go back to the switch and type show mac-address-tableagain. And this time, we can see that after doing this, the MAC address table has now been populated with the MAC addresses of the PCs and the ports of the switch they are connected to.

We can compare these results with the MAC addresses we found out previously and see that they are the same.