Network Switch

Network switch allows multiple devices share the same wall ethernet port. It works similar to a power outlet

Smarter Network Hub to connect multiple devices together but need to connect to a router to assign ip.

Switch is only for wired connection (ethernet)

Network switch is full duplex. Collisions only possible when it's running in half-duplex.

Analyse network traffic and decide which device it should send to

Use Mac Address to figure out the receiver. Store in the MAC address table, see Switch Address Learning

[!note]
Normally in a switch only single connection can be active at a time between 2 switches. There are technique to fix this problem. Read EtherChannel

What happen when packet comes to the switch

When the Packet comes to the switch, it is stored in the buffered memory. And process in a first-come-first-served or FIFO

Switch type

Managed Switch

Managed switch is more complex, more secure and have better performance. It has the OS system where you can configure how you would route your network

Sonic Sonic Foundation – Linux Foundation Project is an open source OS for managed switch

Unmanaged Switch

Unmanaged switch is less complex, simpler with no configuration.

Layer 2 (L2) Switch

In Layer2, we deal with Data Link layer uses Mac Address to determine where to send data.

It store the Mac Address in the switch table in the switch.

When switches want to talk to a machine, it sends the mac address of that machine to the switch table and the switch will deliver that packet to that machine.

Common type switch, normally you'd find this at home or small - medium size company

Note: A layer 2 switch only send packages based on the mac address. And that's all it needs.

Layer 3 (L3) (Multi-layer switch)

Operate at Layer 3 (Network layer) deals with IP addresses and also mac addresses from layer 2 (backward compatible).

Has SVI (Switch Virtual Interface) which allow data to be routed between VLANS

How switch works (L2 switch example)

For example, if Host A wants to send packet to Host B in the same network group.

Pasted image 20240910230748.png

See: How two node communicate to eachother

Host A will attach some Data (Frame) in the packet
Host A will attach Layer 3 Header which includes:
- src: 10.1.1.11
- dst: 10.1.1.44
- This is an Unicast frame since it only has 1 destination.
Host A will use ARP (Address Resolution Protocol) to figure out whats the mac address of dst. For example in here it will be d4d4
- src: a1a1
- dst: ffff
- This is a Broadcast frame since it's sent to everyone.
  - At this point when the switch receives it, it will store in its MAC Table
    - port 5 -> a1a1
  - And then simply broadcast too all other hosts
Host A will attach Layer 2 Header which includes:
- src: a1a1
- dst: d4d4
Host A send to L2 Switch via port 5 (since it's connected via port 5)
L2 Switch simply see:
- Data, <L2 Header>. So it merged the L3 header with Data
L2 Switch will send the whole packet to the mac address as specified in L2 Header
L2 switch will then use the MAC Table which map the mac address to the switch port
- Each computer in the network needs to connect to the switch to a port
- Then it knows where to send the packet to.
At this stage, since we have Host A wants to send the package to d4d4, with Host A has MAC address of a1a1. The switch at least know that Host A is a1a1.
L2 Switch perform a LEARN action which update the Host A mac address to MAC Table with its connected port to the switch:
- port 5 -> a1a1
However it doesn't know which port has mac address d4d4. It then perform a FLOOD action. It simply broadcast all port (except for port 5 because it's the incoming port)
Now all other host which does not have the mac address of d4d4 will simply discard that frame.
The Host D which has mac address of d4d4 will then generate a response to send back to host A. Which also has Data, <L2 Header>. The L2 Header will be:
- src: d4d4
- dst: a1a1
Host D will send the above data via port 8 (it's connected to the switch via port 8)
Switch will now perform a LEARN action which will update Host D with port 8 to the MAC Table
- port 5 -> a1a1
- port 8 -> d4d4
Switch will then perform a FORWARD action which forward the response to Host A from Host D because a1a1 is in the FIB (Forwarding information base)

Note:

This process is the same whether or not Host A -> another host or through a router to the internet.
The switch also have a MAC address and an IP Address, if traffic is going through the switch, this MAC address and IP address is not involved.
However if there is traffic going to a switch, we will use this MAC address and IP address of the switch.
- This happens when for example you SSH into the switch or Telnet to manage the switch.
- Now the switch will simply acts as a host (a device) in the NIC (Network interface card)

TLDR

A frame is created with src and destination MAC address
If the destination MAC address is in the Switch FIB (Forwarding information base) table, it will send
1. If not, it will send a Broadcast to all port (Flood) and see which one replies and record it into the FIB (Forwarding information base)
If needed to send IP packet but doesn't know which mac address, we use ARP (Address Resolution Protocol) to find out where the mac address is
1. This is also a Broadcast frame.
2. If the network subnet is outside, we send it to the default gateway.

Switch actions

There are 3 actions in a switch:

Learn:
- Update the MAC Table with the port -> mac address. The switch needs to learn the mac address for every frame it receives
Flood:
- Duplicate the frame and send to all ports (ignore the incoming port)
- All other host will receive a copy of that frame
Forward:
- Deliver frame to the correct port based on MC Table

[!note]
Broadcast and Unicast are types of frame. Broadcast frames are always flooded and Unicast frames only flood if MAC address is not in MAC Table
Switch only sends Broadcast if traffic is going TO or FROM the switch. At this point, switch will act as a host
These are not switch actions