In telecommunications terminology, a switch is a device that forwards incoming data from any of multiple input ports to a specific output port that will take the data toward its destination.
Although the most common form of switching is Layer 2 switching, it is important to know that switching can also be performed as Layers 1, 3, and 4, or the OSI Model. The different methods of internetwork switching described in this section are as follows:
- Switching at the Physical Layer
- Switching at the Data Link Layer
- Switching at the Network Layer
- Switching at the Transport Layer
- Multilayer Switching (MLS)
Switching at the Physical Layer
Physical Layer Switching operates at Layer 1 of the OSI Model and allows users to connect any port to any other port within the system. Layer 1 switches use cross-connects to create connections from any port to any other port on the device. In addition to this, Layer 1 switches also have the ability to convert one media type to another (e.g., Ethernet to Fiber) using cross-connects. This provides Physical Layer switches the ability to adapt to changes in the network that could occur over time.
Switching at the Data Link Layer
Although the most commonly known type of Data Link Switching is LAN switching, keep in mind that WAN protocols, such as Frame Relay, also switch packets at the Data Link Layer. Given that the SWITCH exam is focused on only LAN switching, this guide will be restricted to only that form of Layer 2 switching.
A LAN switch is, in many ways, similar to a bridge. Both devices allow you to segment the LAN and create multiple collision domains. However, LAN switches do have several advantages over bridges, which include the following:
- More ports than a bridge would ever be capable of supporting
- Microsegmentation by allowing individual hosts to be connected to individual ports
- Operating at hardware speed using ASICs, versus the software used by bridges
- Supporting Layer 3 and Layer 4 packet switching by including Multilayer features
- Using VLANs to create smaller logical broadcast domains
By default, the implementation of both switches and bridges creates a single broadcast domain, which is simply a logical division of a network in which all hosts can reach each other by broadcasting at the Data Link Layer. Broadcast domains either can reside within the same LAN segment or can be bridged to other LAN segments.
While both switches and bridges create a single broadcast domain, switches support VLANs, which can be used to create multiple logical broadcast domains. A detailed understanding of VLANs is required for the SWITCH exam; therefore, they will be described in detail later in this guide. The following are three primary functions of LAN switches:
- MAC Address Learning
- MAC Address Forwarding and Filtering
- Loop Avoidance and Detection
LAN switches learn Media Access Control (MAC) addresses by examining the source address of each frame received on the interface and using that address to build their forwarding tables. Switches note the incoming port of frames sourced from a MAC address when the device connected to that port sends a frame to another MAC address, as shown in Figure 1-8 below:
Because they initially have no idea where the destination device is, switches will broadcast the received frame out of every port, except for the port on which the frame was received. This is illustrated in Figure 1-9 below:
After the switch has flooded the broadcast packet, it will wait for a device to respond. When the intended destination device responds to the broadcast packet, the switch will note the port the response was received on and place that address into the forwarding table, which is also called the MAC address table. This concept is illustrated in Figure 1-10 below:
This same process is repeated until the switch has learned the MAC addresses of all devices connected to all of its ports. These addresses are then stored in the MAC address table.
NOTE: Switches will never learn a Broadcast address because this can never belong to any single host. If a switch receives a frame with a source address of FFFF-FFFF-FFFF from a port, it will not place that address in the forwarding table. Only Unicast and Multicast addresses are learned and placed in the forwarding table.
Once the switch has learned all the addresses of the devices connected to it, it builds a MAC address table, which lists the MAC addresses of connected devices and the ports to which they are connected. The switch MAC address table uses either Content Addressable Memory (CAM) or Ternary Content Addressable Memory (TCAM). CAM and TCAM will be described in detail later in this chapter.
When a switch receives a frame and the destination port is in the MAC address table, which means it is a known destination, the frame is transmitted out of the destination interface. However, if a switch receives a frame and the destination port is the same as the source port, that frame is filtered out and is not forwarded out of any interfaces. This is the address forwarding and filtering functionality provided by LAN switches.
The third primary function of LAN switches is Layer 2 loop avoidance. A Layer 2 loop occurs when there are multiple redundant paths in the Layer 2 network and the paths are all in a forwarding state at the same time. If this happens, the links will continuously forward frames, resulting in the creation of a network loop. To prevent such incidents from occurring, LAN switches use the Spanning Tree Protocol (STP). Intimate knowledge of STP is a mandatory SWITCH exam requirement; therefore, STP and all relevant STP-related technologies and protocols will be described in detail later in this guide.
Switching at the Network Layer
Network Layer Switching is similar to the routing of packets at Layer 3 by routers, with the exception that it is performed using dedicated hardware Application Specific Integrated Circuits (ASICs), which are dedicated pieces of hardware designed for a specific purpose.
At a very basic level, Layer 3 switches are simply routers that allow for the faster forwarding of packets by using hardware instead of software. In traditional network routers, before a packet is forwarded, the router must perform a route lookup, decrement the packet TTL, recalculate the checksum, and then the frame can be forwarded using the appropriate Layer 2 information. The processor or CPU, using software, typically performs all of these functions.
In Layer 3 switches, these same functions can be performed using dedicated hardware, which offloads the processor-intensive packet routing functionality from traditional network routers. Although Layer 3 Cisco switches, such as the Catalyst 6500 series, still use standard routing protocols (e.g., OSPF and EIGRP) to determine the best path to the destination, they use dedicated hardware to forward packets whenever a complete switched path exists between two hosts. This allows packets to be forwarded at Layer 2 speeds, although Layer 3 protocols are still used to determine the best path to the destination. Layer 3 switching provides the following advantages over Layer 3 routing:
- Hardware-based packet forwarding
- High-performance packet switching
- High-speed scalability
- Low latency
- Lower per-port cost
- Flow accounting
- Quality of Service (QoS)
Cisco Express Forwarding (CEF) is an example of a Layer 3 switching technology supported in Cisco IOS devices, which will be described in detail later in this guide.
Switching at the Transport Layer
Layer 4 switching provides additional routing above Layer 3 by using the port numbers found in the Transport Layer header to make routing decisions. Packets are forwarded, in hardware, based on Network Layer addressing and Transport Layer application information, protocol types, and segment headers.
The largest benefit of Layer 4 switching is that the network administrator can configure a Layer 4 switch to prioritize data traffic by application, which means a QoS can be defined for each user. However, this also means that Layer 4 switches require a lot of memory in order to keep track of application information and conversations.
Layer 4 switches can use information up to Layer 7 to perform packet switching. These switches typically are referred to as Layer 4-7 switches, content switches, content services switches, web switches, or application switches. Examples of Layer 4 or Layer 4-7 switches include the standalone Cisco Content Services Switch and the Content Switching Modules that can be installed into the Catalyst 6500 series switches or 7600 series routers.
Going into detail on Layer 4 or Layer 4-7 switching is beyond the scope of the SWITCH exam requirements. These switching methods will not be described in further detail in this guide.
Multilayer Switching (MLS) combines Layer 2, Layer 3, and Layer 4 switching technologies to forward packets at wire speed using hardware. Cisco supports MLS for both Unicast and Multicast traffic flows.
In Unicast transmission, a flow is a unidirectional sequence of packets between a particular source and destination that share the same protocol and Transport Layer information. These flows are based on only Layer 3 address information.
In Multicast transmission, a flow is a unidirectional sequence of packets between a Multicast source and the members of a destination Multicast group. Multicast flows are based on the IP address of the source device and the destination IP Multicast group address.
In MLS, a Layer 3 switching table (referred to as an MLS cache) is maintained for the Layer 3-switched flows. The MLS cache maintains flow information for all active flows and includes entries for traffic statistics that are updated in tandem with the switching of packets. After the MLS cache is created, any packets identified as belonging to an existing flow can be Layer 3-switched based on the cached information.
In Cisco Catalyst switches, MLS requires the following components:
- Multilayer Switching-Switching Engine (MLS-SE)
- Multilayer Switching-Route Processor (MLS-RP)
- Multilayer Switching Protocol (MLSP)
The MLS-SE is responsible for the packet switching and rewrite functions in ASICs. The MLS-SE is also capable of identifying Layer 3 flows.
The MLS-RP informs the MLS-SE of MLS configuration and runs routing protocols, which are used for route calculation.
The MLSP is a Multicast protocol that is used by the MLS-RP to communicate information, such as routing changes, to the MLS-SE, which then uses that information to reprogram the hardware dynamically with the current Layer 3 routing information. This is what allows for faster packet processing. Multilayer switching will be described in detail later in this chapter.