||It has been suggested that LAN switching be merged into this article. (Discuss) Proposed since December 2016.|
A network switch (also called switching hub, bridging hub, officially MAC bridge) is a computer networking device that connects devices together on a computer network by using packet switching to receive, process, and forward data to the destination device.
A network switch is a multiport network bridge that uses hardware addresses to process and forward data at the data link layer (layer 2) of the OSI model. Some switches can also process data at the network layer (layer 3) by additionally incorporating routing functionality that most commonly uses IP addresses to perform packet forwarding; such switches are commonly known as layer-3 switches or multilayer switches.
Switches for Ethernet are the most common form, and the first Ethernet switch was introduced by Kalpana in 1990. Switches also exist for other types of networks including Fibre Channel, Asynchronous Transfer Mode, and InfiniBand.
Unlike less advanced repeater hubs, which broadcast the same data out of each of its ports and let the devices decide what data they need, a network switch forwards data only to the devices that need to receive it.
A switch is a device in a computer network that electrically and logically connects together other devices. Multiple data cables are plugged into a switch to enable communication between different networked devices. Switches manage the flow of data across a network by transmitting a received network packet only to the one or more devices for which the packet is intended. Each networked device connected to a switch can be identified by its network address, allowing the switch to regulate the flow of traffic. This maximizes the security and efficiency of the network.
When a repeater hub is replaced with an Ethernet switch, the single large collision domain used by the hub is split up into smaller ones, reducing or eliminating the possibility and scope of collisions and, as a result, increasing the potential throughput. Because broadcasts are still being forwarded to all connected devices, the newly formed network segment continues to be a broadcast domain.
A switch is more intelligent than a repeater hub, which simply retransmits packets out of every port of the hub except the port on which the packet was received, unable to distinguish different recipients, and achieving an overall lower network efficiency.
An Ethernet switch operates at the data link layer (layer 2) of the OSI model to create a separate collision domain for each switch port. Each device connected to a switch port can transfer data to any of the other ones at a time, and the transmissions will not interfere - with the limitation that, in half duplex mode, each switch port can only either receive from or transmit to its connected device at a certain time. In full duplex mode, each switch port can simultaneously transmit and receive, assuming the connected device also supports full duplex mode.
In the case of using a repeater hub, only a single transmission could take place at a time for all ports combined, so they would all share the bandwidth and run in half duplex. Necessary arbitration would also result in collisions, requiring retransmissions.
The network switch plays an integral role in most modern Ethernet local area networks (LANs). Mid-to-large sized LANs contain a number of linked managed switches. Small office/home office (SOHO) applications typically use a single switch, or an all-purpose converged device such as a residential gateway to access small office/home broadband services such as DSL or cable Internet. In most of these cases, the end-user device contains a router and components that interface to the particular physical broadband technology. User devices may also include a telephone interface for Voice over IP (VoIP) protocol.
Segmentation involves the use of a bridge or a switch (or a router) to split a larger collision domain into smaller ones in order to reduce collision probability, and to improve overall network throughput. In the extreme case (i.e. micro-segmentation), each device is located on a dedicated switch port. In contrast to an Ethernet hub, there is a separate collision domain on each of the switch ports. This allows computers to have dedicated bandwidth on point-to-point connections to the network and also to run in full-duplex without collisions. Full-duplex mode has only one transmitter and one receiver per "collision domain", making collisions impossible.
Switches may operate at one or more layers of the OSI model, including the data link and network layers. A device that operates simultaneously at more than one of these layers is known as a multilayer switch.
In switches intended for commercial use, built-in or modular interfaces make it possible to connect different types of networks, including Ethernet, Fibre Channel, RapidIO, ATM, ITU-T G.hn and 802.11. This connectivity can be at any of the layers mentioned. While the layer-2 functionality is adequate for bandwidth-shifting within one technology, interconnecting technologies such as Ethernet and token ring is performed easier at layer 3 or via routing. Devices that interconnect at the layer 3 are traditionally called routers, so layer 3 switches can also be regarded as relatively primitive and specialized routers.
Where there is a need for a great deal of analysis of network performance and security, switches may be connected between WAN routers as places for analytic modules. Some vendors provide firewall, network intrusion detection, and performance analysis modules that can plug into switch ports. Some of these functions may be on combined modules.
In other cases, the switch is used to create a mirror image of data that can go to an external device. Since most switch port mirroring provides only one mirrored stream, network hubs can be useful for fanning out data to several read-only analyzers, such as intrusion detection systems and packet sniffers.
While switches may learn about topologies at many layers, and forward at one or more layers, they do tend to have common features. Other than for high-performance applications, modern commercial switches use primarily Ethernet interfaces.
At any layer, a modern switch may implement power over Ethernet (PoE), which avoids the need for attached devices, such as a VoIP phone or wireless access point, to have a separate power supply. Since switches can have redundant power circuits connected to uninterruptible power supplies, the connected device can continue operating even when regular office power fails.
A network hub, or a repeater, is a simple network device that does not manage any of the traffic coming through it. Any packet entering a port is flooded out or "repeated" on every other port, except for the port of entry. Specifically, each bit or symbol is repeated as it flows in (with a minimum delay for the line interface). Due to this, a repeater hub can only receive and forward at a single speed. Since every packet is repeated on every other port, packet collisions affect the entire network, limiting its overall capacity.
There are specialized applications in which a network hub can be useful, such as copying traffic to multiple network sensors. High-end network switches usually have a feature called port mirroring that provides the same functionality.
A network switch creates the layer 1 end-to-end connection only virtually, while originally it was mandatory. The bridging function of a switch uses information taken from layer 2 to select for each packet the particular port(s) it has to be forwarded to, removing the requirement that every node is presented with all traffic. As a result, the connection lines are not "switched" literally, instead they only appear that way on the packet level.
By the early 2000s, there was little price difference between a hub and a low-end switch.
A network bridge, operating at the data link layer, may interconnect a small number of devices in a home or the office. This is a trivial case of bridging, in which the bridge learns the MAC address of each connected device. Bridges also buffer an incoming packet and adapt the transmission speed to that of the outgoing port.
Classic bridges may also interconnect using a spanning tree protocol that disables links so that the resulting local area network is a tree without loops. In contrast to routers, spanning tree bridges must have topologies with only one active path between two points. The older IEEE 802.1D spanning tree protocol could be quite slow, with forwarding stopping for 30 seconds while the spanning tree reconverged. A Rapid Spanning Tree Protocol was introduced as IEEE 802.1w. The newest standard Shortest path bridging (IEEE 802.1aq) is the next logical progression and incorporates all the older Spanning Tree Protocols (IEEE 802.1D STP, IEEE 802.1w RSTP, IEEE 802.1s MSTP) that blocked traffic on all but one alternative path. IEEE 802.1aq (Shortest Path Bridging SPB) allows all paths to be active with multiple equal cost paths, provides much larger layer 2 topologies (up to 16 million compared to the 4096 VLANs limit), faster convergence, and improves the use of the mesh topologies through increased bandwidth and redundancy between all devices by allowing traffic to load share across all paths of a mesh network.
While layer 2 switch remains more of a marketing term than a technical term, the products that were introduced as "switches" tended to use microsegmentation and full duplex to prevent collisions among devices connected to Ethernet. By using an internal forwarding plane much faster than any interface, they give the impression of simultaneous paths among multiple devices. 'Non-blocking' devices use a forwarding plane or equivalent method fast enough to allow full duplex traffic for each port simultaneously.
Once a bridge learns the addresses of its connected nodes, it forwards data link layer frames using a layer 2 forwarding method. There are four forwarding methods a bridge can use, of which the second through fourth methods were performance-increasing methods when used on "switch" products with the same input and output port bandwidths:
While there are specialized applications, such as storage area networks, where the input and output interfaces are the same bandwidth, this is not always the case in general LAN applications. In LANs, a switch used for end user access typically concentrates lower bandwidth and uplinks into a higher bandwidth.
Within the confines of the Ethernet physical layer, a layer-3 switch can perform some or all of the functions normally performed by a router. The most common layer-3 capability is awareness of IP multicast through IGMP snooping. With this awareness, a layer-3 switch can increase efficiency by delivering the traffic of a multicast group only to ports where the attached device has signalled that it wants to listen to that group.
While the exact meaning of the term layer-4 switch is vendor-dependent, it almost always starts with a capability for network address translation, but then adds some type of load distribution based on TCP sessions.
Layer-7 switches may distribute the load based on uniform resource locators (URLs), or by using some installation-specific technique to recognize application-level transactions. A layer-7 switch may include a web cache and participate in a content delivery network (CDN).
Switches are available in many form factors, including stand-alone, desktop units which are typically intended to be used in a home or office environment outside a wiring closet; rack-mounted switches for use in an equipment rack or an enclosure, also as large chassis units with swappable module cards; DIN rail mounted for use in industrial environments; and small installation switches, mounted into a cable duct, floor box or communications tower, as found, for example, in FTTO Infrastructures.
Unless port mirroring or other methods such as RMON, SMON or sFlow are implemented in a switch, it is difficult to monitor traffic that is bridged using a switch because only the sending and receiving ports can see the traffic. These monitoring features are rarely present on consumer-grade switches.
Two popular methods that are specifically designed to allow a network analyst to monitor traffic are:
Another method to monitor may be to connect a layer-1 hub between the monitored device and its switch port. This will induce minor delay, but will provide multiple interfaces that can be used to monitor the individual switch port.
Using the IEEE's next-generation VLAN, called a Service Interface Identifier (I-SID), it is capable of supporting 16 million unique services compared to the VLAN limit of four thousand.
Shortest Path Bridging will replace Spanning Tree in the Ethernet fabric.
It usually means one of two things: - 1. Layer 4 information is used to prioritize and queue traffic (routers have done this for years) - 2. Layer 4 information is used to direct application sessions to different servers (next generation load balancing).
Manage research, learning and skills at defaultLogic. Create an account using LinkedIn or facebook to manage and organize your IT knowledge. defaultLogic works like a shopping cart for information -- helping you to save, discuss and share.