Layer 2 Switching
When Cisco discusses switching, they're talking about layer 2 switching unless they say otherwise. Layer 2 switching is the process of using the hardware address of devices on a LAN to segment a network. Since you've got the basic ideas down, I'm now going to focus on the particulars of layer 2 switching and nail down how it works.
Okay, you know that switching breaks up large collision domains into smaller ones, and that a collision domain is a network segment with two or more devices sharing the same bandwidth.
A hub network is a typical example of this type of technology. But since each port on a switch is actually its own collision domain, you can make a much better Ethernet LAN network just by replacing your hubs with switches!
Switches truly have changed the way networks are designed and implemented. If a pure switched design is properly implemented, it absolutely will result in a clean, cost-effective, and resilient internetwork. In this chapter, we'll survey and compare network design before and after switching technologies were introduced.
Routing protocols (next lesson, "IP Routing") have processes for stopping network loops from occurring at the Network layer. However, if you have redundant physical links between your switches, routing protocols won't do a thing to stop loops from occurring at the Data Link layer. That's exactly the reason Spanning Tree Protocol was developed: to put a stop to loops in a layer 2 switched internetwork. The essentials of this vital protocol, as well as how it works within a switched network, are also important subjects this chapter will cover thoroughly.
When frames traverse a switched network, the LAN switch type determines how a frame is forwarded to an exit port on a switch. There are three different types of LAN switch methods, and each one handles frames differently as they are forwarded through a switch. This chapter will discuss the three methods used by Cisco switches. I'll wrap this chapter up by showing you how to provide basic configuration to the 1900 and 2950 Cisco Catalyst switches. And in the next chapter, "Virtual LANs (VLANs)," you'll learn how to configure the switches with VLANs.
Before Layer 2 Switching
Let's go back in time a bit and take a look at the condition of networks before switches and how switches have helped segment the corporate LAN. Before LAN switching, the typical network design looked like the network in Figure 2.1.
Figure 2.1 Before switching
The design in Figure 2.1 was called a collapsed backbone because all hosts would need to go to the corporate backbone to reach any network services, both LAN and mainframe. Going back even further, before networks like the one shown in Figure 2.1 had physical segmentation devices such as routers and hubs, there was the mainframe network. This network included the mainframe (IBM, Honeywell, Sperry, DEC, etc.), controllers, and dumb terminals that connected into the controller. Any remote sites were connected to the mainframe with bridges.
And then the PC began its rise to stardom, and the mainframe was connected to the Ethernet or to a Token Ring LAN where the servers were installed. These servers were usually OS/2 or LAN Manager because this was "pre-NT." Each floor of a building ran either coax or twisted-pair wiring to the corporate backbone, and was then connected to a router. PCs ran an emulation software program that allowed them to connect to the mainframe services, giving those PCs the ability to access services from the mainframe and LAN simultaneously. Eventually the PC became robust enough to allow application developers to port applications more effectively than they could ever before, an advance that markedly reduced networking prices and enabled businesses to grow at a much faster rate.
When Novell became more popular in the late 1980s and early 1990s, OS/2 and LAN Manager servers were by and large replaced with NetWare servers. This made the Ethernet network even more popular, because that's what NetWare 3.x servers used to communicate with client/server software.
So that's the story about how the network in Figure 2.1 came into being. There was only one problem: the corporate backbone grew and grew, and as it grew, network services became slower. A big reason for this was that, at the same time this huge burst in growth was taking place, LAN services needed even faster service, and the network was becoming totally saturated. Everyone was dumping the Macs and dumb terminals used for the mainframe service in favor of those slick new PCs so they could more easily connect to the corporate backbone and network services.
All this was taking place before the Internet's momentous popularity (Al Gore was still inventing it?), so everyone in the company needed to access the corporate network's services. Why? Because without the Internet, all network services were internal, exclusive to the company network. This created a screaming need to segment that one humongous and plodding corporate network, connected with sluggish old routers. At first, Cisco just created faster routers (no doubt about that), but more segmentation was needed, especially on the Ethernet LANs. The invention of FastEthernet was a very good and helpful thing too, but it didn't address that network segmentation need at all.
But devices called bridges did, and they were first used in the network to break up collision domains. Bridges were sorely limited by the number of ports and other network services they could provide, and that's when layer 2 switches came to the rescue. These switches saved the day by breaking up collision domains on each and every port, just as a bridge does, and switches could provide hundreds of ports! This early, switched LAN looked like the network pictured in Figure 2.2:
Figure 2.2 The first switched LAN
Each hub was placed into a switch port, an innovation that vastly improved the network. Now, instead of each building being crammed into the same collision domain, each hub became its own separate collision domain. But there was a catch: switch ports were still very new, hence unbelievably expensive. Because of that, simply adding a switch into each floor of the building just wasn't going to happen, at least not yet. Thanks to whomever you choose to thank for these things, the price has dropped dramatically, so now having every one of your users plugged into a switch port is both good and feasible.
So there it is: if you're going to create a network design and implement it, including switching services is a must. A typical contemporary network design would look something like Figure 2.3, a complete switched network design and implementation. "But I still see a router in there," you say! Yes, it's not a mirage; there is a router in there. But its job has changed. Instead of performing physical segmentation, it now creates and handles logical segmentation. Those logical segments are called VLANs, and I promise I'll explain them thoroughly, both in the duration of this chapter and in the next chapter, where they'll be given a starring role.
Figure 2.3 The typical switched network design
Unlike bridges that use software to create and manage a filter table, switches use application-specific integrated circuits (ASICs) to build and maintain their filter tables. But it's still okay to think of a layer 2 switch as a multiport bridge because their basic reason for being is the same: to break up collision domains.
Layer 2 switches and bridges are faster than routers because they donâ€™t take up time looking at the Network layer header information. Instead, they look at the frameâ€™s hardware addresses before deciding to either forward the frame or drop it.
Switches create private dedicated collision domains and provide independent bandwidth on each port, unlike a hub. Figure 2.4 shows five hosts connected to a switch, all running 10Mbps half-duplex to the server:
Figure 2.4 Switches create private domains
Unlike a hub, each host has 10Mbps dedicated communication to the server. Layer 2 switching provides the following:
- Hardware-based bridging (ASIC)
- Wire speed
- Low latency
- Low cost
What makes layer 2 switching so efficient is that no modification to the data packet takes place. The device only reads the frame encapsulating the packet, which makes the switching process considerably faster and less error-prone than routing processes are.
And if you use layer 2 switching for both workgroup connectivity and network segmentation (breaking up collision domains), you can create a flatter network design with more network segments than you can with traditional routed networks.
Plus, layer 2 switching increases bandwidth for each user because, again, each connection (interface) into the switch is its own collision domain. This feature makes it possible for you to connect multiple devices to each interface.
In the following sections, I will dive deeper into the layer 2 switching technology.
Limitations of Layer 2 Switching
Since we commonly stick layer 2 switching into the same category as bridged networks, we also tend to think it has the same hang-ups and issues that bridged networks do. Keep in mind that bridges are good and helpful things if we design the network correctly, keeping their features as well as their limitations in mind. And to design well with bridges, the two most important considerations are:
- We absolutely must break up the collision domains correctly.
- The right way to create a functional bridged network is to make sure that its users spend 80 percent of their time on the local segment.
Bridged networks break up collision domains, but remember, that network is still one large broadcast domain. Neither layer 2 switches nor bridges break up broadcast domains by default, something that not only limits your network's size and growth potential, but can also reduce its overall performance. Broadcasts and multicasts, along with the slow convergence time of spanning trees, can give you some major grief as your network grows. These are the big reasons why layer 2 switches and bridges cannot completely replace routers (layer 3 devices) in the internetwork.
Bridging vs. LAN Switching
It's true: layer 2 switches really are pretty much just bridges that give us a lot more ports, but there are some important differences you should always keep in mind:
- Bridges are software based, while switches are hardware based because they use ASIC chips to help make filtering decisions.
- A switch can be viewed as a multiport bridge.
- Bridges can only have one spanning-tree instance per bridge, while switches can have many. (I'm going to tell you all about spanning trees in a bit.)
- Switches have a higher number of ports than most bridges.
- Both bridges and switches forward layer 2 broadcasts.
- Bridges and switches learn MAC addresses by examining the source address of each frame received.
- Both bridges and switches make forwarding decisions based on layer 2 addresses.
Three Switch Functions at Layer 2
There are three distinct functions of layer 2 switching (you need to remember these!): address learning, forward/filter decisions, and loop avoidance.
Layer 2 switches and bridges remember the source hardware address of each frame received on an interface, and they enter this information into a MAC database called a forward/filter table.
When a frame is received on an interface, the switch looks at the destination hardware address and finds the exit interface in the MAC database. The frame is only forwarded out the specified destination port.
If multiple connections between switches are created for redundancy purposes, network loops can occur. Spanning Tree Protocol (STP) is used to stop network loops while still permitting redundancy.
I'm going to talk about address learning, forward/filtering decisions, and loop avoidance in detail in the next sections.
When a switch is first powered on, the MAC forward/filter table is empty, as shown in Figure 2.5.
FIGURE 2.5 Empty forward/filter table on a switch
When a device transmits and an interface receives a frame, the switch places the frame's source address in the MAC forward/filter table, allowing it to remember which interface the sending device is located on. The switch then has no choice but to flood the network with this frame out of every port except the source port, because it has no idea where the destination device is actually located.
If a device answers this flooded frame and sends a frame back, then the switch will take the source address from that frame and place that MAC address in its database as well, associating this address with the interface that received the frame. Since the switch now has both of the relevant MAC addresses in its filtering table, the two devices can now make a point-to-point connection. The switch doesn't need to flood the frame as it did the first time, because now the frames can and will be forwarded only between the two devices. This is exactly the thing that makes layer 2 switches better than hubs. In a hub network, all frames are forwarded out all ports every time, no matter what! Figure 2.6 shows the processes involved in building a MAC database:
FIGURE 2.6 How switches learn hosts' locations
In this figure, you can see four hosts attached to a switch. When the switch is powered on, it has nothing in its MAC address forward/filter table, just as in Figure 2.5. But when the hosts start communicating, the switch places the source hardware address of each frame in the table along with the interface on which that frame arrived.
Let me give you an example of how a forward/filter table is populated:
1. Host A sends a frame to Host B. Host A's MAC address is 0000.8c01.000A; Host B's MAC address is 0000.8c01.000B.
2. The switch receives the frame on the E0/0 interface and places the source address in the MAC address table.
3. Since the destination address is not in the MAC database, the frame is forwarded out all interfacesâ€”except the source port.
4. Host B receives the frame and responds to Host A. The switch receives this frame on interface E0/1 and places the source hardware address in the MAC database.
5. Host A and Host B can now make a point-to-point connection and only the two devices will receive the frames. Hosts C and D will not see the frames, nor are their MAC addresses found in the database because they haven't yet sent a frame to the switch.
If Host A and Host B don't communicate to the switch again within a certain amount of time, the switch will flush their entries from the database to keep it as current as possible.
When a frame arrives at a switch interface, the destination hardware address is compared to the forward/filter MAC database. If the destination hardware address is known and listed in the database, the frame is only sent out the correct exit interface. The switch doesn't transmit the frame out any interface except for the destination interface. This preserves bandwidth on the other network segments and is called frame filtering.
But if the destination hardware address is not listed in the MAC database, then the frame is flooded out all active interfaces except the interface the frame was received on. If a device answers the flooded frame, the MAC database is updated with the deviceâ€™s location (interface).
If a host or server sends a broadcast on the LAN, the switch will flood the frame out all active ports except the source port by default. Remember, the switch only creates smaller collision domains, but it's still one large broadcast domain by default.
Redundant links between switches are a good idea because they help prevent complete network failures in the event one link stops working.
Sounds great, but even though redundant links can be extremely helpful, they often cause more problems than they solve. This is because frames can be flooded down all redundant links simultaneously, creating network loops as well as other evils. Here's a list of some of the ugliest problems:
- If no loop avoidance schemes are put in place, the switches will flood broadcasts endlessly throughout the internetwork. This is sometimes referred to as a broadcast storm. (But most of the time it's referred to in ways we're not permitted to repeat in print!) Figure 2.7 illustrates how a broadcast can be propagated throughout the network. Observe how a frame is continually being flooded through the internetwork's physical network media:
FIGURE 2.7 Broadcast storm
- A device can receive multiple copies of the same frame, since that frame can arrive from different segments at the same time. Figure 2.8 demonstrates how a whole bunch of frames can arrive from multiple segments simultaneously. The server in the figure sends a unicast frame to Router C. Since the destination is not yet in either switch's table, Switch A forwards the frame, and Switch B does the same. This is bad because it means that Router C receives that unicast frame twice, causing additional overhead on the network.
- You may have thought of this one: The MAC address filter table will be totally confused about the device's location because the switch can receive the frame from more than one link. And what's more, the bewildered switch could get so caught up in constantly updating the MAC filter table with source hardware address locations that it will fail to forward frames! This is called thrashing the MAC table.
- One of the nastiest things that can happen is multiple loops generating throughout a network. This means that loops can occur within other loops, and if a broadcast storm were to also occur, the network wouldn't be able to perform frame switching, period!
All of these problems spell disaster (or at least close to it) and are decidedly evil situations that must be avoided, or at least fixed somehow. That's where the Spanning Tree Protocol comes into the game. It was developed to solve each and every one of the problems I just told you about.
FIGURE 2.8 Multiple frame copies
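To tie the Host A/Host B forward/filter walkthrough and the redundant-link problems above together, here is one added example in Python. It is not code from the book or from Cisco. It models a single learning switch (source-address learning, forward/filter decisions, aging) and then wires two such switches together with two parallel links so you can watch a single broadcast circulate endlessly, reach Host B over and over, and keep relearning Host A on alternating ports, and then see all three problems stop once one end of the redundant link is held in a blocking state, which is what STP does. Host A, Host B, ports E0/0 and E0/1 and their two MAC addresses come from the text; the trunk port names T1 and T2, Host C's address, the 300-second aging time and the two-switch topology are assumptions made for this example.

```python
"""Added example, not code from the book: a simulated learning switch (address
learning, forward/filter decisions, aging) and two such switches joined by a
redundant pair of links to show the loop problems that STP was created to stop."""
from collections import deque

BROADCAST = "ffff.ffff.ffff"


def is_flooded_address(mac):
    """Broadcast, and multicast (low bit of the first octet set), are always flooded."""
    return mac == BROADCAST or bool(int(mac[:2], 16) & 1)


class LearningSwitch:
    """One switch: learns source MACs, filters known unicasts, floods the rest."""

    def __init__(self, name, ports, aging_time=300):
        self.name = name
        self.ports = list(ports)
        self.aging_time = aging_time  # seconds; an assumed default for this simulation
        self.blocked = set()          # ports held in blocking state (what STP would do)
        self.mac_table = {}           # mac -> (port, last_seen)
        self.relearns = 0             # a known MAC showed up on a different port

    def receive(self, in_port, src, dst, now):
        """Process one frame; return the list of ports it is forwarded out of."""
        # Aging: drop entries that have not been refreshed within aging_time.
        for mac in [m for m, (_, seen) in self.mac_table.items() if now - seen > self.aging_time]:
            del self.mac_table[mac]
        if in_port in self.blocked:
            return []                 # a blocking port neither learns nor forwards
        # Address learning: remember the source and the port it came in on.
        known = self.mac_table.get(src)
        if known is not None and known[0] != in_port:
            self.relearns += 1        # this is the "thrashing" the text describes
        self.mac_table[src] = (in_port, now)
        # Forward/filter decision.
        if is_flooded_address(dst) or dst not in self.mac_table:
            return [p for p in self.ports if p != in_port and p not in self.blocked]
        out_port, _ = self.mac_table[dst]
        return [] if out_port == in_port else [out_port]


def single_switch_walkthrough():
    """The Host A / Host B steps from the text, then a broadcast and an aged-out table."""
    sw = LearningSwitch("S1", ["E0/0", "E0/1", "E0/2", "E0/3"])
    a, b, c = "0000.8c01.000A", "0000.8c01.000B", "0000.8c01.000C"  # C's address is assumed
    steps = {}
    steps["a_to_b_unknown"] = sw.receive("E0/0", a, b, now=0)        # B unknown: flooded
    steps["b_to_a_known"] = sw.receive("E0/1", b, a, now=1)          # A known: only E0/0
    steps["a_to_b_known"] = sw.receive("E0/0", a, b, now=2)          # point-to-point now
    steps["a_broadcast"] = sw.receive("E0/0", a, BROADCAST, now=3)   # broadcasts still flood
    steps["c_to_b_after_aging"] = sw.receive("E0/2", c, b, now=400)  # A and B have aged out
    steps["table_after_aging"] = sorted(sw.mac_table)
    return steps


def redundant_link_simulation(block_one_link, dst=BROADCAST, max_frames=1000):
    """Host A on S1 sends one frame; S1 and S2 share two parallel links (constructed topology).
    Returns frames processed, copies delivered to Host B on S2, and S2's relearn count."""
    s1 = LearningSwitch("S1", ["E0/0", "T1", "T2"])
    s2 = LearningSwitch("S2", ["E0/0", "T1", "T2"])
    switches = {"S1": s1, "S2": s2}
    links = {("S1", "T1"): ("S2", "T1"), ("S2", "T1"): ("S1", "T1"),
             ("S1", "T2"): ("S2", "T2"), ("S2", "T2"): ("S1", "T2")}
    if block_one_link:
        s2.blocked.add("T2")          # one end of the redundant link blocked, as STP would
    a = "0000.8c01.000A"
    queue = deque([("S1", "E0/0", a, dst)])
    processed = copies_at_host_b = 0
    while queue and processed < max_frames:
        sw_name, in_port, src, frame_dst = queue.popleft()
        processed += 1
        for out in switches[sw_name].receive(in_port, src, frame_dst, now=processed):
            if out == "E0/0":                    # host ports are edges: nothing comes back
                if sw_name == "S2":
                    copies_at_host_b += 1        # Host B hangs off S2 E0/0
                continue
            queue.append(links[(sw_name, out)] + (src, frame_dst))
    return {"frames_processed": processed, "copies_at_host_b": copies_at_host_b,
            "host_a_relearned_on_s2": s2.relearns, "still_looping": bool(queue)}


if __name__ == "__main__":
    print(single_switch_walkthrough())
    print("no loop avoidance:", redundant_link_simulation(block_one_link=False))
    print("one link blocked: ", redundant_link_simulation(block_one_link=True))
```

Run it and compare the two redundant-link results: without loop avoidance the single broadcast is still circulating when the 1000-frame cap is hit, Host B has received hundreds of copies of it, and S2 has flipped Host A between T1 and T2 on nearly every frame, all three of the problems listed above. With S2's T2 port blocked, the same broadcast is processed exactly three times, Host B sees one copy and nothing is relearned. Passing an unknown unicast destination instead of the broadcast address gives the same storm, which is the Figure 2.8 duplicate-delivery case: the switches flood because the destination is unknown, not because the frame is a broadcast.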